Feeds

back to article Everything should be encrypted, right?

Here's the perfect plan to solve all those pesky security problems. Confidentiality and data leakage, secure backups, individual privacy, data integrity, identity and access management - all can be dealt with in some way by encryption. So why don't we all just use it then, and be done? Of course encryption is out there, embedded …

COMMENTS

This topic is closed for new posts.
Anonymous Coward

MT940

For those who don't have banking experience, MT940 is a file format used to communicate batch money transfers to a bank and get account statements back from the bank.

This is used by employers to pay wages, for example.

0
0
Anonymous Coward

@Sarah

Could you please elaborate why you rejected my last contribution ? Anything critical about TheRegister not wanted ??

0
1
(Written by Reg staff)

Re: @Sarah

No, I don't have time. You can probably figure it out for yourself.

0
1
Anonymous Coward

Ahh

No, I can't figure it out for myself and I would appreciate WHY you rejected it. At least some boilerplate such as "too critical about our good journalists" or "harsh words only permitted for Microsoft".

0
1

why encrypt selected systems and not selected data?

I'm intrigued that the column headers imply that protection (can only be | is only implemented) by encrypting entire systems rather than just selected elements of the data contained on them.

0
0

Re: why encrypt selected systems and not selected data?

I was presuming that "selected systems" meant not only just all data on particular computers, but might also mean all data belonging to particular applications on many computers, or even all of particular kinds of data. That left "exceptional cases only" as being mostly a given user deciding that a particular file needs encryption; everything that's handled "case by case", basically.

0
0

Re: why encrypt selected systems and not selected data?

I guess I was thinking more along the lines of "Why encrypt every field in a database?" rather than "Why encrypt everything associated with the XYZ application?".

I guess there is a problem if any of the unencrypted fields allowed free format data, or if any of the encrypted fields are used as indexes.

0
0

Almost Everything

I've had posts rejected before and I just chalked it up to my poor choice of words/it wasn't funny/it was crude, and didn't lose any sleep over it. Sometimes I try to put something in it just to have the honor of getting Ms. Bee to reply to a post of mine.

We encrypt everything that leaves our office possible; laptops full disk encryption, USB sticks, email with key words, phones,... The only thing that doesn't get encrypted on a regulare basis is CDs that go to the client.

0
0
Silver badge

Missing option

The main reason for not encrypting is that it makes data recovery more difficult. That is a very important consideration when planning these things.

1
0
Bronze badge
Unhappy

Doesn't anyone ...

... know how to delete anymore ? If I were a Drug Kingpin I would be very displeased.

0
0
Silver badge
Happy

Ideal world

In an ideal world, would encryption not be completely unnecessary?

@jonathanb: I though that the recovery issue was well covered by the "practicalities", "overhead", and "key managements" items...

@Gannon: The problem isn't that people don't hit the delete button; it's that the delete button doesn't actually delete things.

1
0
Silver badge

Missing option

The «reasons» section lacks an important one: "management can't be arsed". When management takes unencrypted media and machines home with them, how do you make the little guys use encryption? The example must come from above.

0
0
This topic is closed for new posts.