ADSM-L
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: Confidentiality of client data

1998-07-08 08:28:13
Subject: Re: Confidentiality of client data
From: Richard Sims <rbs AT BU DOT EDU>
Date: Wed, 8 Jul 1998 08:28:13 -0400 
System administrators, by definition, have to be trustworthy, given
that they have full control of the systems and data under their care.
Sure, you can imagine scenarios where the sysadmin absconds with all
the data, but such a person should not have been put into that kind
of position of power.

Encrypting data in ADSM, in your scenario, is rather pointless in that
it is under the control of the sysadmin whom you don't want to trust.
If your users are *seriously* concerned about the confidentiality of
their data, they should be encrypting it where it lives, on their host.
This gives the fullest protection, no matter where that data goes, and
is under their control rather than someone else's.

    Richard Sims, Boston University OIT
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Scheduled event tables (what to really check), Dwight Cook
Next by Date:  Re: Here's an easy one, Dwight Cook
Previous by Thread:  Confidentiality of client data, Luc Busschots
Next by Thread:  Re: Confidentiality of client data, Luc Busschots
Indexes:  [Date] [Thread] [Top] [All Lists]