Educause Security Discussion mailing list archives
Re: Email Security Policies/Practices for Staff
From: Jeff Giacobbe <giacobbej () MAIL MONTCLAIR EDU>
Date: Tue, 28 Nov 2006 16:57:42 -0500
Mike- In our Systems and Networking groups we have instituted a de-facto policy of using GnuPG in conjunction with The Enigmail plugin for Mozilla Thunderbird. The GnuPGP + Enigmail combo allows us to easily sign and encrypt sensitive email (root passwords, etc) to one or more individuals and on the receiving end the recipient just needs to enter his/her PGP passphrase to decrypt the message right within the t-bird message pane. Enigmail also includes a basic key management interface so its really a self-contained solution. Enigmail is available at http://enigmail.mozdev.org/ Regards, Jeff Giacobbe Montclair State University Mike Wiseman wrote:
Hello, I'm interested to find out if institutions are implementing policies/practices/services on using email with sensitive or confidential content. I'm thinking of staff working in HR, administration, financial, admissions, network operations, etc. who want to (or do) use email and need end-to-end security services to reduce exposure to forgery and information compromise. Services such as email authentication (digital signing via S/MIME or PGP) and/or encryption (S/MIME, encrypted archives, key storage). The issue comes up occasionally and people like me give the usual 'don't do it - it's not secure' line. I'd like to look at recommending products and/or providing the services required. Mike Mike Wiseman Manager - Computer Security Administration Computing and Networking Services University of Toronto
Current thread:
- Email Security Policies/Practices for Staff Mike Wiseman (Nov 28)
- <Possible follow-ups>
- Re: Email Security Policies/Practices for Staff Jeff Giacobbe (Nov 28)
- Re: Email Security Policies/Practices for Staff Brian Epstein (Nov 28)
- Re: Email Security Policies/Practices for Staff Paul Russell (Nov 28)
- Re: Email Security Policies/Practices for Staff Curt Wilson (Dec 01)
- Re: Email Security Policies/Practices for Staff Mark Poepping (Dec 02)