funsec mailing list archives

RE: (Yet Another) Lost Ernst & Young Laptop Exposes IBM Staff


From: "Justin Polazzo" <jpolazzo () thesportsauthority com>
Date: Thu, 16 Mar 2006 12:28:30 -0700

 
*more* secure than leaving it on the central server and then accessing
it via a VPN from a (possibly compromised) home computer.

Well, if you ask me... data such as customer's SSN#, and CC#, etc should
never be allowed to be accessed from outside the company.  If you're not
on the corporate LAN, then no access.  I'd even further lock it down to
subnets if it's possible.


-----------------------------------

Or better yet, have per transaction CC#'s that you can create when you
know you are dealing with a disreputable source (e.g. most everyone). You
could gen a CC# with enough credit to handle the current transaction.
This could work in the same way a private key generates a public one,
with the private key being your true CC# and the public key being the
per transaction number that has only enough credit for that transaction
and expires after, say, X amount of time.

I already implement a form of this by having only one credit card, and
making sure it is maxed out at all times :-)

-JP (who thinks we should be able to request new SSN#'s whenever a
breach of security happens, at the expense of the company/govt-org that
(unwillingly) distributed it in the first place)

_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.

