LISTSERV - RECMGMT-L Archives - LISTSERV.IGGURU.US

RECMGMT-L Archives

Records Management

RECMGMT-L@LISTSERV.IGGURU.US

	LISTSERV Archives
	RECMGMT-L Home

	Log In
	Register

	Subscribe or Unsubscribe

	Search Archives

Options:	Use Forum View Use Monospaced Font Show Text Part by Default Show All Mail Headers
Message:	[<< First] [< Prev] [Next >] [Last >>]
Topic:	[<< First] [< Prev] [Next >] [Last >>]
Author:	[<< First] [< Prev] [Next >] [Last >>]

Subject:	Re: Risks to Computers.......and Encryption
From:	Charmaine Brooks <[log in to unmask]>
Reply To:	[log in to unmask]
Date:	Tue, 22 Nov 2005 08:01:22 -0800
Content-Type:	text/plain
Parts/Attachments:	text/plain (51 lines)

If I may add - Not all data is created equally.
Identifying which process, or which set of data may need encryption or special processing is most important. Data with personal data that could be subject to identity theft would require greater protection than say the companies purchasing files. Why is it included in backup tapes sent to an offsite facility for an extended period of time? You know - all those standard questions that RM'ers ask.
Charmaine Brooks, CRM
Rimiam Corporation
[log in to unmask]

Peter Kurilecz <[log in to unmask]> wrote:
On 11/21/05, Norman Owens wrote:
> Iron Mountain, a leading
> vendor of these off-site services now says that all responsible customers
> should do this. ie encryption

Bank of America runs a great ad where a gentleman states "we process
13 billion checks a day" and then emphasizes that what they actually
do is process a single check 13 billion times correctly. IM has stated
in the past that they do 5 million pickups and deliveries per year and
that they have suffered only a handful of losses. If only they would
follow BofA's attitude of performing 1 pickup/delivery perfectly 5
million times a year.

IMs suggestion that responsible (organizations) should encrypt their
tapes obfuscates the problem that the pickup and delivery of tapes (or
any other media) should be performed perfectly everytime. Yes
organizations should take every precaution within reason to protect
their information, but at they same time their contracted vendors
should work towards providing the level of protection that their
customers expect from them.

The protection of information involves a whole set of tools. the use
of each tool (transportation, encryption, media, whatever) must be
carefully weighed by the organization that owns the information. this
process takes into account costs, media, manpower, and finally the
ROI. Each organization's decision must be the one that best fits their
needs.

later

--
Peter Kurilecz
Richmond, Va

List archives at http://lists.ufl.edu/archives/recmgmt-l.html
Contact [log in to unmask] for assistance

ATOM RSS1 RSS2

LISTSERV.IGGURU.US