Security School

Final Exam / Answer No. 3

3.) Encrypted mail can't be scanned by a compliance checker. How do you resolve this issue?

Compliance checking is a policy issue. It's a corporate policy to look into messages and try to see what is going on. If the message is encrypted, then clearly the compliance checker cannot look inside. Hence, this is a policy issue and not a technical issue. There are three scenarios: the policy states that such mail is out of compliance; the policy states that such mail is, by definition, within compliance; or, the policy says nothing about mail that cannot be checked.

If you are lucky enough to have a policy that matches the first or second case, then you simply do what the policy says and don't worry about it. If your policy doesn't mention what to do about mail that cannot be examined, then the appropriate answer is to bring this to the attention of the policy people and have them fix the policy. Solving this problem technically, without policy input, is asking for a slap on the wrist or worse.

<< Back to quiz


This was first published in April 2005

There are Comments. Add yours.

 
TIP: Want to include a code block in your comment? Use <pre> or <code> tags around the desired text. Ex: <code>insert code</code>

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
Sort by: OldestNewest

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to: