In message <3.0.3.32.19991017232841.0093d5d0at_private>, JSK writes: > I'll be the first to say I've not looked at this 'visto' till just > now, and I only took a peek at it. I can't figure much about them > from their web site, but I would have a REAL SERIOUS CONCERN with > users having their (sometimes sensitive) company e-mail sent to an > outside location, where it can be hacked/read/snooped/sniffed (blah > blah) by anyone. Yup, absolutely right. And if you use technical mechanisms to bar use of visto, people who need (or think they need) that sort of functionality will just forward their mail to hotmail or yahoo or any of the other free mail services. There are really only two choices: either persuade your users that *they* don't want to do this, because *they* understand the security risks, or find a mechanism that provides the necessary functionality as securely as possible. You can't ban everything; some things, you have to manage. I'll quote Ranum's Law: "You can't solve social problems with software". Btw, what is your corporate policy on discussing sensitive business matters via cell phones? --Steve Bellovin
This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 13:44:00 PDT