JISCMail - DATA-PROTECTION Archives

I agree with the point Roland is making here.  Clearly, a .gsi, .cjx or
similar is secure within it's own boundaries but won't be if a message is
sent to the public internet or other insecure intranet.  There are other
significant security issues too in this scenario, obviously the identities
of military personnel which should be protected along with associated
security requirements to prevent compromising military activities.
Encryption at the correct level should establish the technical security
however, strict organisational discipline with appropriate operational
procedures must also be employed.

Peter Lane.


-----Original Message-----
From: This list is for those interested in Data Protection issues
[mailto:[log in to unmask]]On Behalf Of Roland Perry
Sent: 08 April 2004 13:31
To: [log in to unmask]
Subject: Re: UK Military bases outside the EEA


In message
<[log in to unmask]
 >, "Broom, Doreen" <[log in to unmask]> writes
>I can see from your address that you have a secure e-mail address

Be very careful what you mean by "secure email address". There are two
quite different kinds of security involved here.

One is anti-eavesdropping, which is largely independent of the email
addresses used (unless you are sure that email from one to the other is
either encrypted or never travels via the public Internet).

The other is to do with identity, and being sure (for some value of
"sure") who is at the other end. Again, encryption can solve some of
that, and some top level domains are hard to infiltrate. But what if the
recipient leaves their PC switched on at lunchtime, or there's a mole in
the IT department.

All good DP issues, in fact.
--
Roland Perry

^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
       All archives of messages are stored permanently and are
      available to the world wide web community at large at
      http://www.jiscmail.ac.uk/lists/data-protection.html
      If you wish to leave this list please send the command
       leave data-protection to [log in to unmask]
            All user commands can be found at : -
        http://www.jiscmail.ac.uk/help/commandref.htm
  (all commands go to [log in to unmask] not the list please)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^

^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
       All archives of messages are stored permanently and are
      available to the world wide web community at large at
      http://www.jiscmail.ac.uk/lists/data-protection.html
      If you wish to leave this list please send the command
       leave data-protection to [log in to unmask]
            All user commands can be found at : -
        http://www.jiscmail.ac.uk/help/commandref.htm
  (all commands go to [log in to unmask] not the list please)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^