1997-10-27 - RE: Orthogonality and Disaster Recovery

Header Data

From: Fisher Mark <FisherM@exch1.indy.tce.com>
To: “‘cypherpunks’” <cypherpunks@cyberpass.net>
Message Hash: ebf4611a16d232028c25caab9be88f5230fb70db1ff1624ba21605d53fd169fb
Message ID: <2328C77FF9F2D011AE970000F84104A74933DC@indyexch_fddi.indy.tce.com>
Reply To: N/A
UTC Datetime: 1997-10-27 18:35:52 UTC
Raw Date: Tue, 28 Oct 1997 02:35:52 +0800

Raw message

From: Fisher Mark <FisherM@exch1.indy.tce.com>
Date: Tue, 28 Oct 1997 02:35:52 +0800
To: "'cypherpunks'" <cypherpunks@cyberpass.net>
Subject: RE: Orthogonality and Disaster Recovery
Message-ID: <2328C77FF9F2D011AE970000F84104A74933DC@indyexch_fddi.indy.tce.com>
MIME-Version: 1.0
Content-Type: text/plain



Tim May wrote:
>I'm quite certain that the Security and MIS directors at various
companies
>asked PGP, Inc. to include message recovery features. Not so much to
handle
>the very rare (almost nonexistent) cases where a piece of mail sent at
some
>time in the past has to be recovered because Alice was hit by a truck,
or
>similiar unlikely events (*), but because Security and MIS folks would
like
>the option of "monitoring" e-mail traffic.

As someone who has witnessed recovering email (the icky task fell to
someone else), I can tell you it's not a pretty sight.  Employees leave,
sometimes under a cloud (sometimes under several tornadoes worth of bad
weather), sometimes people are assigned overseas, etc. -- sometimes file
recoveries need to be done, which implies that there may have been
encryption used on those files.  CDR (IMHO) would allow for these kind
of recoveries without compromising the security of the data en-route.
Personally, I would prefer a CDR system that did _not_ encrypt the
stored plaintext, just because that simplifies matters while also
preventing use of CDR for GAK, as there are _no_ general organization
keys for the government to desire.  Nothing prevents the employee from
encrypting the "recovery file" anyway, which should be done if the
information is "sensitive but unclassified" (like company financial data
that should only be viewable by the employees responsible for that
data).  (This should be done in most companies because any computer kept
at the desktop is inherently insecure.)  (Handling disk/file encryption
keys in a corporate setting is a separate matter.)

The ability to recover important documents is what _I_ want as an IS
member -- and CMR isn't the best way to do it.

(Personally, if IS has time to monitor everyone's email, I think they
are *way* overstaffed...)
==========================================================
Mark Leighton Fisher          Thomson Consumer Electronics
fisherm@indy.tce.com          Indianapolis, IN
"Their walls are built of cannon balls, their motto is
'Don't Tread on Me'"






Thread