On Wed, 6 Feb 2002, Darryl Luff wrote:
> Ron DuFresne wrote:
> >
> > This internal issue is perhaps the greater risk of sniffing one probably
> > faces in this area. And that does not have to be an issue of folks
> > reading e-mail externally. Sniffing is not the huge gotcha some believe
> > it to be really. For one thing, a person has to consider, how much e-mail
> > traffic is really encrypted, both internally and externally from most/many
> > corporations? SMTP does not itself employ encryption and is the way such
> > communication primarily traverese an internal site and leaves there
> > externally. Now, there are communications and corporate bits of
>
> I think a big problem with giving external access to internal mail is
> that people tend to put more sensitive material in an internal email
> than an internet email.
>
> If the recipient is reading their internal mail across the internet, the
> information could be exposed more than the sender intended.
>
Agreed, though with the original requester mentioning they have a lotus
notes server setup, they should beable to supply access to an external
lotus server for e-mail reading with the lotus encryptioon functions,
depending upon the level of encryption lotus servers can employ outside
the Us these days, and I don't think there are too many restrictions on
this these days, this should provide a good deal of security of e-mail
transmition. Otherwise, as stated before this should be part of the
original risk analyisi and policy setting structure prior to the firewall
implimentation and or any decisions about external access of any kind for
a company. This certainly should not be an 'off the cuff' decision,
implimneted for some upper mgt or middle level mgt person to read their
e-mail from home while caring for the kids while the wife is out of town.
This tends to be a reason all to often where a corporate policy gets
circumvented or changed on the fly, often without full consideration of
the risks it may well involve.
Thanks,
Ron DuFresne
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
"Cutting the space budget really restores my faith in humanity. It
eliminates dreams, goals, and ideals and lets us get straight to the
business of hate, debauchery, and self-annihilation." -- Johnny Hart
***testing, only testing, and damn good at it too!***
OK, so you're a Ph.D. Just don't touch anything.
_______________________________________________
Firewalls mailing list
[EMAIL PROTECTED]
http://lists.gnac.net/mailman/listinfo/firewalls
