Keeping email under lock and (public) key
With governments and law enforcement organizations pushing for increasingly intrusive monitoring and logging of business email messages, network administrators are put in an uncomfortable situation. Even disregarding privacy implications, such systems pose security problems at least as serious as those they attempt to solve. A "master archive" of emails is after all an extremely tempting target to external hackers, but it also has staggering potential for internal abuse. Ideally, we would want no centralized mail logs, but legal and corporate requirements mandate suitable record-keeping in the case of an internal or external audit. One way to meet both goals is by encrypting the archive using public key cryptography.
By Marcelo Rinesi at NewsForge.
[ Read more ]
By subscribing to our early morning news update, you will receive a daily digest of the latest security news published on Help Net Security.
With over 500 issues so far, reading our newsletter every Monday morning will keep you up-to-date with security risks out there.