-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - - for passwords, I recommend installing a company-wide password vault (something like say "Password Manager Pro") and giving everyone an account in it. Folks can share necessary passwords in a secure fashion, there's an audit trail of access, if one person is forced to change it when they log into it (90-day rolling password or whatever), they can update it so everyone has it immediately, etc.
- - for personal data... GPG is your friend. Whether it's being transmitted in e-mail or via shared files, that data should be encrypted. On 2/17/2015 8:42 AM, Edward Ned Harvey (lopser) wrote: > I see a lot of people and businesses out there, that just don't > care about their own privacy. They email passwords to each other, > W2's with salary and social security information, photocopies of > drivers' licenses and passports to be used by HR to complete I-9 > forms... > > As an IT person advising a business to be more responsible, what > areas do you advocate securing most urgently? IT admin > credentials? HR > > Email is obviously a huge area of insecure information sharing. Do > you also see a lot of people storing information that should be > secured in other non-private services like Dropbox, Google Drive, > Box, etc? - -- I prefer to use encrypted mail. My public key fingerprint is FD6A 6990 F035 DE9E 3713 B4F1 661B 3AD6 D82A BBD0. You can download it at http://www.megacity.org/gpg_dballing.txt Learn how to encrypt your email with the E-Mail Self Defense Guide: https://emailselfdefense.fsf.org/en/ -----BEGIN PGP SIGNATURE----- Version: GnuPG/MacGPG2 v2.0 Comment: GPGTools - https://gpgtools.org iQIcBAEBCgAGBQJU41z3AAoJEGYbOtbYKrvQiyMQALn/MEpQIoqt6mNm+HSy/Si/ +6ml8FaWwpQC3/ysA3Cx2v3ywPPTCzQ7W4/9i5mZucd5I/AVbfWSexMk0jc3QVw0 XrSXtweVn8NoUMOKFNQrC0C0bMluxo08NE3WDpSKaVW5NJ2MtfQ+YfZdnfLUOq13 ed4a6WHz0FBpCKwj4k9X7Vew8yxCCH6VM2q+JGI9rYwrhZweoD2EnogqAJJrdcjQ QxuNbkpSFl+6j7MoSf6pDHx6KYqKmgAKFVD+oJsoHT8OCGAUtiYZ8EfDVkgEScwV e+VfwK1Ff6XcBYxirE/LIUyXL4FzARKq7aJSXIb7mIJXSy5bFDEkec3kLmVGuOqG xxIiyfrZSSj2EujtCpxrh/gt+7PNm43L1wKA+kVje8DZEUpD6fYBTkfngFl7nW2V RxdZ/wVS53CfDkw33D4jutccwwYi7lH+IqgM+wwaZNOzGwR3jD1FoUDGqCBe8+4c wixneaXjtbnGl6uW3PVi6oCVeK9CM2X2ifVc2PADj82qCERWX2snghpUVjEwUb1k xlgwa4YAan5ixFUC7RJZsYBvOg/ML/bKR7F2mpY7+xV1cilA88pVE1jZ1341fsUY /3m5sHArgJxajbm/5gCAjUg5aZ9IGt0Zt8woUOGeynoFBxv31knVis+bPG01hACD oezAcub0FdSjz/T+7xQz =qvOM -----END PGP SIGNATURE----- _______________________________________________ Discuss mailing list Discuss@lists.lopsa.org https://lists.lopsa.org/cgi-bin/mailman/listinfo/discuss This list provided by the League of Professional System Administrators http://lopsa.org/
