funsec mailing list archives
Re: IT Sec Policies on travel from US to China?
From: Jeffrey Walton <noloader () gmail com>
Date: Sat, 9 May 2015 16:33:03 -0400
On Fri, May 8, 2015 at 8:05 PM, Marc <marc () marcd org> wrote:
Hi Jeff, I'm not where I can get it for you right now but the State Department has that guidance. Check their web site. Our folks have to check in with them on out of country travel. I can go into a little more depth off list about temp devices and accounts and other stuff. ..some is fouo and up but some I can share.
Yeah, for non-diplomats, this seems to be a problem. Full disk encryption with trusted execution environments will help with malware that attempts to burrow in. But it won't help with the Chinese government because it has legal access to everything (http://www.nytimes.com/2015/01/29/technology/in-china-new-cybersecurity-rules-perturb-western-tech-companies.html). And I can't see a way to give someone access to their email because the Chinese government has legal access to it. I think its very risky to allow outsiders, like the Chinese government, to access an Inbox with 5 or 10 years or archives. There's just no way to protect company secrets and intellectual property. Jeff
-------- Original message -------- From: Jeffrey Walton Date:05/08/2015 19:01 (GMT-05:00) To: FunSec List Subject: [funsec] IT Sec Policies on travel from US to China? I've tried Googling, but I'm turning up spurious noise... Is anyone aware of some sample IT security policies and procedures for travelling from US to China? Does the DoD offer something STIG-like for guidance? I'm especially interested in temporary laptops and temporary phones; how to handle the device radios (like 802.11 and NFC); temporary credentials for VPN; and how to handle email. Email is confounding because its so damn insecure at so many levels.
_______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
Current thread:
- IT Sec Policies on travel from US to China? Jeffrey Walton (May 08)
- <Possible follow-ups>
- Re: IT Sec Policies on travel from US to China? Marc (May 08)
- Re: IT Sec Policies on travel from US to China? Jeffrey Walton (May 09)
- Re: IT Sec Policies on travel from US to China? Jeffrey Walton (May 09)