Richard Pieri <[email protected]> > Physical security comes first. Encryption is no substitute for physical > access controls.
Agreed. They are two separate layers of security. You can do one, or the other, or both, or neither. You decide. > If you refuse to maintain physical control over your > data and equipment then you deserve what happens to it. I have no > sympathy when it does. I laugh and I point and I say "I told you so". Respectfully, we do not agree on this point. Loss is no laughing matter, no matter what mistakes were made by he/she who suffered the loss. The point of this discussion is to encourage readers to think about appropriate steps to protect against future loss. No security is 100% effective, there will be future losses and it's impossible to say how or when. Additional layers of security, whether "necessary" or not, are worthy of discussion. Encryption is pretty darned easy to use, doesn't add burdensome complexity (depending on the tool you select), and is very often necessary for cloud deployment. (I happen to work in an enterprise-software team deploying to AWS, so there's no choice: we encrypt. Everything.) For home/small-business users, the odds of theft or human-error are considerably higher than in an enterprise situation, depending on your location and other variables. -rich _______________________________________________ Discuss mailing list [email protected] http://lists.blu.org/mailman/listinfo/discuss
