Subscribe (Free) to
Daily or Weekly Newsletters
Post a Job

Featured Jobs

Pension Administrator

Creative Pension Consultants, Inc.
(Remote / Albany NY)

Creative Pension Consultants, Inc. logo

Plan Compliance Analyst (Administrator)

RPA
(Remote)

RPA logo

Retirement Plan Administrator

Nicholas Pension Consultants
(Remote / Corona CA / Rancho Cordova CA)

Nicholas Pension Consultants logo

ERISA Counsel

Human Interest
(Remote)

Human Interest logo

Retirement Plan Analyst/Administrator

Compensation Strategies Group, Ltd.
(Remote / Beaumont TX)

Compensation Strategies Group, Ltd. logo

Retirement Plan Relationship Manager/Consultant

The Retirement Plan Company (TRPC)/an ABG firm
(Remote)

The Retirement Plan Company (TRPC)/an ABG firm logo

Retirement Plan Quality Assurance

ERISA Services, Inc.
(Remote / Knoxville TN)

ERISA Services, Inc. logo

Quality Assurance Manager

Nova 401(k) Associates
(Remote)

Nova 401(k) Associates logo

Senior Plan Administrator

Atlantic Pension Services Inc
(Remote / Kennett Square PA / DE / MD / NJ)

Atlantic Pension Services Inc logo

View More Employee Benefits Jobs

Free Newsletters

“BenefitsLink continues to be the most valuable resource we have at the firm.”

-- An attorney subscriber

Mobile App image LinkedIn icon
Twitter icon
Facebook icon
LIA $FACTS$ for May 1998
View other months

Security

Transmission security has been in the news lately. We have noticed that there are groups of consultants suggesting that "sufficient" security can be achieved without encrypting every message, every file, etc. We think such advice is short-sighted.

The number one best security is not having anything anyone else wants to read or look at. Keep a low profile. Live under your means. Close the curtains at night and always keep the garage door closed!

But, let's say you are an international firm having offices around the world and many employees. Let's add to the scenario by making you a leader in your field. We assure you, someone wants access to your stuff! The number one method of protecting your information assets is not available to you.

So, how far do you go? If your only concern is access to documents that could be used in court, you probably can go partway as the consultants have suggested, making sure that correspondence on sensitive issues is approved and coded.

The reality, however, is that people can learn what you are doing to your detriment with documents that would be laughed at in court.

In the military, one is always reminded not to talk to unknown people and never to say anything at all about what one's unit is doing, even to family and friends. The popularly stated reason for this requirement is that "loose lips sink ships!"

All of your information is valuable and all of your correspondence is sensitive. Your competitor can tell what you are doing often just by monitoring the volume of encrypted email in and out of your site, especially if you only encrypt the important stuff. The size of communications and the people communicating give additional indicators of what is going on.

For example, let's say your stock has done well and you have begun discussion with your executive committee about approving a stock split. The mere change in the volume of traffic within the committee would clue people in, before appropriate, to what was going on. And this assumes that the traffic is coded. Uncoded traffic would be roughly equivalent to talking to a reporter!

So, what do you encode? Quite simply, everything. Your IS efforts should be expended to minimize the overhead on the system of coding everything. In time, you can start to adopt sophisticated methods of preventing even the volume and presence of traffic from revealing important information to the wrong people. You will also find, in the process, that the management diversion presented by trying to decide what to encode on an ongoing basis is far more costly than the cost of full-time security. And, it is always easier to continue the habit of transmission security than to initiate it.

Finally, applying Murphy's law, always expect a leak to occur and be prepared to deal quickly with the problems that result from it. Oh... and if it looks like there was a leak, there probably was!


Copyright 1998 Lohmann International Associates

You have been reading the online edition of LIA $FACTS$, the monthly fax newsletter of Lohmann International Associates. For further information, please visit our home page on the Web or send e-mail to Les Lohmann.


BenefitsLink Home PageThis page proudly hosted by BenefitsLink
© 2022 BenefitsLink.com, Inc.