HIPA and Network Configs

Top Page
This message is part of the following thread:
Mthe complete thread tree sorted by date
MGary Nichols at <-
MGary Nichols at ->
Attachments:
Message as email
+ (text/plain)
Delete this message
Reply to this message
Author: der.hans
Date:  
Subject: HIPA and Network Configs
Am 04. Jan, 2003 schw=E4tzte Gary Nichols so:

> That's a hornet's nest I don't even want to touch. ;-)
> The baseline is that you have to prevent any ->unauthorized <- access
> to your systems.
> For example, if you have a contract with IBM that grants them access to
> dial-in via SecureID to work on your machines, then that's fine - it's
> authorized - however you also have to have a 3rd party agreement with
> them stating such and assigning responsibilities, damages, etc. This
> is a topic all in itself. *blah*

It's also something that doesn't happen with the m$ license, which is all
one-sided.

> > Does it approve transmission accross 3rd party networks?
> >
>
> Yes - I assume you mean a private point-to-point private network
> connection. Provided of course that you can prove that you have
> adequate safeguards in place on both ends. On such a connection,
> encryption is not required.

Actually, I mean transmission across someone else's network, e.g. VPN over
the Net. It also means something like a leased t1 to a leased t1 where the
ISP has access to the data as it goes across the ISP's system.

> > And if the wireless is tunneled using the approved encryption standard?
>
> It's not so much that it's encrypted over the spectrum, it's that the
> spectrum isn't approved. At least that's the problem I'm having.

So tunnelling across the Internet is OK, but tunnelling over 802.11 isn't?

> > Is it a decent encryption standard?
>
> Depends on your interpretation of 'decent'.

Not the "cracked 4 hours after its release m$ vpn".

> Even more interesting is that ANY phi that leaves your network over a
> public network has to be encrypted - that includes web., ftp, telnet,
> smtp... etc. This is forcing a lot of companies to have a "hello
> Jesus" with security finally. The industry is moving towards https,
> sftp, ssh and pki-based solutions.

Cool.

> Again, this is a good thing - I just hope that they enforce it.

I definitely want them to do so.

thanks for the answers, 

der.hans
--=20
#  https://www.LuftHans.com/    http://www.TOLISGroup.com/
#  Motorraeder toeten nicht. Motorraeder werden getoetet.



This message was posted to the following mailing lists:
Plug Discuss
Mailing List Info | Nearby Messages		<-HIPA and Network ConfigsHIPA and Network Configs->
Some Mailing List Archive administrated by UnconfiguredLurker (version 2.3)