paul @
hawksbill .
sprintmrn .
com (Paul Ferguson) said:
>My point is that if your passwords are not traversing networks that you do not
>control, and the data that _is_ traversing networks beyond your control is
>not _sensitive_, then there is such a thing as 'overkill'.
>
>Be practical.
>
>If your data is sensitive enough to encrypt, then it is sensitive enough
>to consider a seperation of networks altogether.
>
>There are, however, needed applications for encryption on the internet,
>for example, for business transactions where credit card information
>is transmitted (e-commerce).
Good point. However, does the use of a 'seperate' network vs the Internet
still pose the same risks given the fact that the network topology may
result in sharing a telco providers switch with someone else (the private
network is 'virtual' )? The emphasis here is not on how sensative the data
is, each site can determine that or not, but if the use of a virtual private
network vs a public network is 'safe' enough to not require encryption of
the data to prevent 'snooping' by whatever means.
My $.04 for today...
Chris
-----------------------------------------------------------------------
Opinions expressed are mine and not those of my employer (usually)
-----------------------------------------------------------------------
Christopher L. Werner Robert Bosch Corporation
System Engineer 38000 Hills Tech Drive
(810)553-1389 Farmington Hills, MI 48331-3417
Follow-Ups:
|
|
