Re: [Wikimediach-l] Do we use (american) cloud solutions at WMCH Q
Le 10/06/2013 23:20, Frédéric Schütz a écrit : > Some informal exchanges of files are still done using Dropbox; now is > probably a good time to get rid of them. The wiki works now pretty well and Manuel has increased the upload limit to 32MB. IMO, this is the best place to store files which should be kept for a long time. Otherwise, for temporary usage, there are a few open source alternatives which could be installed on our server to deliver a service similar to dropbox (if the groupware doesn't already offer that): http://hilalpost.com/fr/2013/01/24/alternatives-open-source-a-dropbox/ Regards Emmanuel ___ http://wikimedia.ch Wikimedia CH website Wikimediach-l mailing list https://lists.wikimedia.org/mailman/listinfo/wikimediach-l
Re: [Wikimediach-l] Do we use (american) cloud solutions at WMCH Q
Having managed for long time a huge mass of data of people, I would use a Latin sentence: "Est modus in rebus" To protect all data is a Sisiphus work, the same European law differentiates between most critical data and they put several levels of attention. The heath data, for instance, have a specific Swiss law to be used and there is a stronger protection of them. In the other hand the data like email address, phones, home address are considered with a low level of priority. Probably to protect us we should not use Ipad or Iphone or we should not use free email account, the advantage to use gmail is that it is free, easy to use and easy to configure in devices. Every time we discover that our data are not protected in Internet it's like to discover that green tee protects from cancer and we start to drink liters of green tee but we definitively reach the maturity that we are full of green tee and we start to disagree it. It would be better to drink green tee but using the correct level. So don't panic (and I am not speaking about this discussion but about those happening in other wikimedia mailing lists). I always used gmail for "innocent" content and always used some other private emails for "reserved content" or to contact my family or my beloved friends. My gmail's account is easy to reach, it's public and always available because my goal is to be reachable, so everyone can use hangout to contact me. But in the other side I have never received critical data in my gmail. I invite all people to write them in a specific OTRS queue in order to use the protection that is present around it or to move in my private emails. Basically I would say that the email is something that allows people to be contacted easily and to be checked easily, but there is also the compromise with the security and the protection of data. The correct approach is in the middle. Regards On Mon, Jun 10, 2013 at 8:22 PM, Emmanuel Engelhart < emmanuel.engelh...@wikimedia.ch> wrote: > Hi Manuel > > Le 10/06/2013 19:53, Manuel Schneider a écrit : > > Am 10.06.2013 19:31, schrieb Emmanuel Engelhart: > >> I propose to invite all concerned users to: > >> * create a WMCH mailbox for them > >> * change the target email address to something more acceptable like > >> email box from the provider or european web mails like GMX. > >> > >> Would that be feasible? > >> Does something speaks against such type of restriction? > > > > generally all users who have asked for a WMCH mail address are initially > > offered an IMAP mailbox and I normally tell people why this is better > > than a redirect - just out of practical reasons, put ideological / data > > security aside. > > Anyway, if it is the whish of the user to get his mail forwarded > > instead, who am I to deny it? > > > > Anything else - any restrictions - should be decided by the board. > > > > Just as a summary what we are talking about, after a short look on the > > mailserver: > > * 6 redirects to gmail (Google) (1 staff) > > * 1 redirect to Hotmail (Microsoft) (1 board) > > * 2 swiss domains whose MX records point to swiss mailservers (both > board) > > * 5 addresses redirecting to the WMF > > > > To be honest: I understand and agree with your scepticism towards > > private data flowing through third parties which are bound to make > > benefit with that data (Google and Hotmail are free, and not because the > > are philantroph) even withing countries which are known to spy on their > > citizens. Anyway I am not sure that even if we were sure that our data > > is being spied at if it was valuable enough to force our volunteers to > > abandon their primary mail accounts. > > > > It is a different situation for the board, even though they are still > > volunteers they do deal with sensitive data, but that should not > > normally not be transfered via e-mail anyway. > > Your approach of promoting mailboxes vs. redirects makes a lot of sense. > If we achieve to do that for staff/board, we are on the secure side. > > Other email addresses are less critical... but we should keep a vigilant > eye on that, we are responsible for our data... also if that could > bother users. > > > For the staff it is clear: that can only be a mailbox. So in that one > > case I am happy you made me aware of a problem. I will talk to that > person. > > > > For myself I try to adopt a sceptic but pragmatic approach: Sometimes I > > use Google services but only where I have no good replacement (mainly > > Google spreadsheets) and then only for a temporary usage. I don't want > > to rely on it. I use it for a certain task, then I store the result > > elsewhere. Otherwise I use these services - this applies to all kind of > > Social Networks where we have the same scepticism for a different reason > > - with data I really and deliberately want to publish. So that data > > can't be "stolen" or misused anyway. > > Great! > > Good evening > Emmanuel > > ___ > http:/
Re: [Wikimediach-l] Do we use (american) cloud solutions at WMCH Q
Le 11/06/2013 11:34, Ilario Valdelli a écrit : > Basically I would say that the email is something that allows people to > be contacted easily and to be checked easily, but there is also the > compromise with the security and the protection of data. > > The correct approach is in the middle. This approach is unprofessional, you have to do the necessary to keep/protect the privacy of your email exchanges. If you don't care, it's your right ; but at least take in consideration the privacy concern of people writing to you, to the association. So, it's not about you, your feelings or convenience. We have the chance to have an IT infrastructure providing powerful alternatives, so use it! If you have some difficulties setting up an email client with different mailboxes, I'm ready to help you. Emmanuel ___ http://wikimedia.ch Wikimedia CH website Wikimediach-l mailing list https://lists.wikimedia.org/mailman/listinfo/wikimediach-l
Re: [Wikimediach-l] Do we use (american) cloud solutions at WMCH Q
What is the meaning of "unprofessional"? If someone writes me his own credit card number in his email, I can use the maximum of my professionality to protect him for this specific case, but I cannot be responsible for his privacy at all because he has a strange behavior and he can send his credit card number to everyone with the same level of attention. In Wikipedia it's frequent that people uses mailing lists for some private data, but few people understand that the mailing lists are *public*. So who is unprofessional? The WMF's team or the people using the mailing lists? How much people fight with Google ranking because they discover to have wrote stupidity in Internet and at the first places there have their stupidity? Should Google stops to rank websites to be "professional"? The law is clear. The companies storing data should operate in good faith, but the people should take care of their own data and where they store their own data. If you gives the keys of your home to the first person meets in the street, you cannot say afterwards that someone has entered in your home without your permission. So, I would recommend you to don't speak about professionality. Regards On Tue, Jun 11, 2013 at 11:57 AM, Emmanuel Engelhart < emmanuel.engelh...@wikimedia.ch> wrote: > Le 11/06/2013 11:34, Ilario Valdelli a écrit : > > Basically I would say that the email is something that allows people to > > be contacted easily and to be checked easily, but there is also the > > compromise with the security and the protection of data. > > > > The correct approach is in the middle. > > This approach is unprofessional, you have to do the necessary to > keep/protect the privacy of your email exchanges. > > If you don't care, it's your right ; but at least take in consideration > the privacy concern of people writing to you, to the association. So, > it's not about you, your feelings or convenience. > > We have the chance to have an IT infrastructure providing powerful > alternatives, so use it! If you have some difficulties setting up an > email client with different mailboxes, I'm ready to help you. > > Emmanuel > -- Ilario Valdelli Wikimedia CH Verein zur Förderung Freien Wissens Association pour l’avancement des connaissances libre Associazione per il sostegno alla conoscenza libera Switzerland - 8008 Zürich Tel: +41764821371 http://www.wikimedia.ch ___ http://wikimedia.ch Wikimedia CH website Wikimediach-l mailing list https://lists.wikimedia.org/mailman/listinfo/wikimediach-l
Re: [Wikimediach-l] Do we use (american) cloud solutions at WMCH Q
Le 11/06/2013 12:28, Ilario Valdelli a écrit : > What is the meaning of "unprofessional"? You obviously don't care about the privacy of email exchange: that's unprofessional. Emmanuel ___ http://wikimedia.ch Wikimedia CH website Wikimediach-l mailing list https://lists.wikimedia.org/mailman/listinfo/wikimediach-l
Re: [Wikimediach-l] Do we use (american) cloud solutions at WMCH Q
I take care because I protect my email with a good password, no one has access to my mailbox and I don't distribute to the mailing lists the mails addressed directly to me. Any other question of security is not in my hands. What I am saying is that I have several other emails and if someone would write me keeping their emails within Switzerland, it's sufficient to ask me which is my "private" email. regards On Tue, Jun 11, 2013 at 12:37 PM, Emmanuel Engelhart < emmanuel.engelh...@wikimedia.ch> wrote: > Le 11/06/2013 12:28, Ilario Valdelli a écrit : > > What is the meaning of "unprofessional"? > > You obviously don't care about the privacy of email exchange: that's > unprofessional. > > Emmanuel > -- Ilario Valdelli Wikimedia CH Verein zur Förderung Freien Wissens Association pour l’avancement des connaissances libre Associazione per il sostegno alla conoscenza libera Switzerland - 8008 Zürich Tel: +41764821371 http://www.wikimedia.ch ___ http://wikimedia.ch Wikimedia CH website Wikimediach-l mailing list https://lists.wikimedia.org/mailman/listinfo/wikimediach-l
Re: [Wikimediach-l] Do we use (american) cloud solutions at WMCH Q
Dear all, just a few words. I won't engage in this discussion but I am reading it all. Thanks for bringing up the topic, I hope it makes people more aware of their responsibilities towards the data they handle and I am thankful that through this discussion we found the one case where staff mails were redirected, this has been fixed in the meantime (that person got his mail address many years before as a volunteer, so I didn't notice earlier). There are some best practices in IT administration which I am following and which have a sane cost-benefit ratio. There is no difference in the kind of data we handle, it all gets the same protection. I am aware that this is never a 100% perfect protection but quite good depending our investment of money and effort. Hartwig is also right sying that this will not save us from a government to spy on us. As we have our own servers and there is plenty of cool open source software around for all kind of problems I am using this wherever possible. Also natural we are using enycryption (HTTPS, IMAPS etc.) where applicable and we control access granularly, allowing people to access the server but only in areas needed, isolating each website and each database with its own accounts and system groups. Am 11.06.2013 09:12, schrieb Emmanuel Engelhart: > The wiki works now pretty well and Manuel has increased the upload limit > to 32MB. IMO, this is the best place to store files which should be kept > for a long time. The wiki should only be used to store files that won't change very often. Policies or forms for instance, which are created once and downloaded many times. For an exchange of file use our file service via webDAV: https://members.wikimedia.ch/Tine_Manual It has a dedicated space for projects everyone who has a WMCH mail account can access. /Manuel -- Wikimedia CH - Verein zur Förderung Freien Wissens Lausanne, +41 (21) 34066-22 - www.wikimedia.ch ___ http://wikimedia.ch Wikimedia CH website Wikimediach-l mailing list https://lists.wikimedia.org/mailman/listinfo/wikimediach-l
