Data privacy is a major issue in email, as with many other types of network communication. It isnt enough to ensure that your data is encrypted during transport and storage rather, you should also ensure it is encrypted with a strong algorithm. See this footnote168 for a Windows screen saver that attempts to brute-force with S/MIME 40-bit RC2 keys, which are considered a weak encryption mechanism, if your goal is more than casual protection from prying eyes. Sometimes casual protection is enough, but often business requirements demand more security. Your organization would be advised to develop a policy for email security, specifying to users which levels of encryption, if any, are to be used for which types of communication, how long email is retained, who is permitted access to it, etc.
Home - Table Of Contents - Contact Us
CertiGuide for Security+ (http://www.CertiGuide.com/secplus/) on CertiGuide.com
Version 1.0 - Version Date: November 15, 2004
Adapted with permission from a work created by Tcat Houser et al.
CertiGuide.com Version © Copyright 2004 Charles M. Kozierok. All Rights Reserved.
Not responsible for any loss resulting from the use of this site.