Your Data and the P2P Peril - InformationWeek article - Arshad Noor - org.oasis-open.lists.ekmi

2 messages in org.oasis-open.lists.ekmiYour Data and the P2P Peril - Informa...

From	Sent On	Attachments
Arshad Noor	Mar 20, 2008 11:53 am
Allen	Mar 20, 2008 3:02 pm

Subject:	Your Data and the P2P Peril - InformationWeek article
From:	Arshad Noor (arsh...@strongauth.com)
Date:	Mar 20, 2008 11:53:01 am
List:	org.oasis-open.lists.ekmi

Probably, one of the scarier articles I have read. Portends more danger for the business environment as an entire generation growing up using such software migrate into the corporate world over the years.

While the solutions recommended in the article will help, they address only part of the problem. Even Full Disk Encryption (FDE) is not a solution, as P2P networks operate only when a legitimate user has booted up the machine (by which time the FDE software is already decrypting everything for applications).

The only long-term solution with the smallest attack-surface is: Policy + Enforcement + Education + Application-level encryption requiring the authentication of users before decrypting content.

Arshad Noor StrongAuth, Inc.

Link to the article: http://www.informationweek.com/news/showArticle.jhtml?articleID=206903416&pgno=1&queryText=

Don't miss this side-bar that documents what the writer found when trolling P2P networks:

http://www.informationweek.com/story/showArticle.jhtml?articleID=206903417

	Start a set with this search
	Include this search in one of my sets
	Exclude this search from one of my sets