MT940
For those who don't have banking experience, MT940 is a file format used to communicate batch money transfers to a bank and get account statements back from the bank.
This is used by employers to pay wages, for example.
Here's the perfect plan to solve all those pesky security problems. Confidentiality and data leakage, secure backups, individual privacy, data integrity, identity and access management - all can be dealt with in some way by encryption. So why don't we all just use it then, and be done? Of course encryption is out there, …
I was presuming that "selected systems" meant not only just all data on particular computers, but might also mean all data belonging to particular applications on many computers, or even all of particular kinds of data. That left "exceptional cases only" as being mostly a given user deciding that a particular file needs encryption; everything that's handled "case by case", basically.
I guess I was thinking more along the lines of "Why encrypt every field in a database?" rather than "Why encrypt everything associated with the XYZ application?".
I guess there is a problem if any of the unencrypted fields allowed free format data, or if any of the encrypted fields are used as indexes.
I've had posts rejected before and I just chalked it up to my poor choice of words/it wasn't funny/it was crude, and didn't lose any sleep over it. Sometimes I try to put something in it just to have the honor of getting Ms. Bee to reply to a post of mine.
We encrypt everything that leaves our office possible; laptops full disk encryption, USB sticks, email with key words, phones,... The only thing that doesn't get encrypted on a regulare basis is CDs that go to the client.
In an ideal world, would encryption not be completely unnecessary?
@jonathanb: I though that the recovery issue was well covered by the "practicalities", "overhead", and "key managements" items...
@Gannon: The problem isn't that people don't hit the delete button; it's that the delete button doesn't actually delete things.