Re: Network IPS Information Security Policy

[Alex <alex.everett () UNC EDU>]

What about antivirus and its reading of files upon read/execution or weekly?
Encryption doesn't help much there.

-Alex
UNC

-----Original Message-----
From: The EDUCAUSE Security Constituent Group Listserv
[mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of randy marchany
Sent: Friday, November 13, 2009 2:54 PM
To: SECURITY () LISTSERV EDUCAUSE EDU
Subject: Re: [SECURITY] Network IPS Information Security Policy

This is an interesting thread and I have another question to ask.
Given the nature of IPS and it's ability to basically read any email, chat,
or any data sent through the wire, how are institutions dealing with the
potential public relations nightmare of explaining to your constituents that
this device and its keepers have that ability? Does anyone have a stock
answer of "balancing security of the infrastructure with the ability for
transmissions to be monitored"?
Has anyone run into this situation? I can see spinning the answer to say
that "encryption" is the best way to go but then that will start to limit
the ability of the IPS to detect attack payloads.

Just wondering.

-Randy Marchany
VA Tech IT Security Office & Lab

Attachment: smime.p7s
Description: