[thelist] how secure is reasonable

Bob Meetin - www.dottedi.biz bobm at dottedi.biz
Sat Oct 6 10:02:10 CDT 2007


> The real question is, how secure do they need to be? Is someone actively
> trying to get access to these documents, or are you trying to prevent
> someone from stumbling across them accidentally? If a document went
> astray, would the results be embarassment, money loss, financial ruin,
> death? You have to know the risk level to establish the needed security
> level.
>
> joel
>   
Sounds like the theory of relativity.  Okay, just a wee bit of 
background.  My client prepares tax returns and has partners who work 
from home. They are interested in placing the tax docs in a central 
repository where only they have access.  This will save them each a half 
day or so per month.

Embarrassment - certainly
Employee/Client relationship - absolutely
Money loss - it would depend
Financial ruin, death (perhaps mine)- that would be a push

Prevent accidents - yes
I can't assess how vindictive someone would be to want to break in and 
wreak havoc or just the motivation to do this.

However, here's something I have not done for years, most of a decade.  
When I worked with a UNIX company I occasionally use 'DES' to encrypt 
and unencrypt files.  It does not appear to be loaded on the hosting 
company server, but it or something similar would certainly add another 
level of complexity to anyone who was able to get to the files.  This is 
out of my expertise, but I could probably set up des to encrypt the 
files as soon as they are uploaded.  Or would it be smarter/safer to 
find a utility that would do this on the desktop.

Yeah define  reasonable???





More information about the thelist mailing list