General discussion

  • Creator
    Topic
  • #2264918

    Executive networks

    Locked

    by kwandtke ·

    I recently received request to supply options for an “Executive Private” network. Seems the smallish company I recently started at had some info leaks sometime back and are a little leary of email and info storage on our network.

    After the inital “they don’t trust me?” reastion I regained control and said OK .. how would I do this. I’m thinking about introducing something like PGP to them so they can secure thier email. We’re looking for a new email system .. maybe I’ll suggest Notes .. anyway, I’m just wondering if anybody else has received a request like this and how they responded .. add-on security like PGP?, I’m also thinking about a good auditing system that I can turn the role of auditor over to the head of HR … that way I could theoreticaly still get at the data but not without it being known.

    Anyway, I’m open to ideas.

All Comments

  • Author
    Replies
    • #3216803

      start with problem definition

      by bigbigboss ·

      In reply to Executive networks

      Don’t even think about solutions. The problem may have already been solved. Ask specifically what do they want to protect, what is the problem now, and, more importantly, who else do they want to allow access to, and how that access must be granted. You may have to tighten security for everybody, not just the executives to do this. But you must do a security assessment for the whole place before you even think about what security measures are required, and, at the very, very end, think about products and solutions. Don’t forget policies and training, and enforcement organization. Security with no policy and organization that finds out whether the policies are followed and provide compliance reports to the executives is worse than not doing it at all.

Viewing 0 reply threads