reasons to encrypt mail and data

[billhorne at mediaone.net (Bill Horne)]

Steve <steve at cyberianhamster.com> wrote:

> Derek D. Martin wrote:
>
> >   - keep your boss(es) and/or coworkers from reading your private mail
> >     which could get you ostricised/fired/worse
>
> I agree with a lot of points, but this is an odd one if you're talking about
> using the company's assets to do these personal things.
>
> Nobody's data on company equipment can be considered theirs. Companies allow you
> to use their assets for private purposes, but that's at their discretion. It may
> not be the company's right to know your private data, but it swings both ways.
> It's not your right to use the company's assets for your personal purposes. You
> violate one right; expect to get violated on the other. If you were to send
> something personal that could get you ostracized, fired, or worse, then why
> would you want to use your employer's equipment?

Well, no offense, but isn't that a little simplistic? "Companies ALLOW you..."?
"It's not your RIGHT..."? "...expect to get VIOLATED..."?

Just a few examples, hypothetically speaking, of course, off the top of my head:

1. You've just been condemned to spend the next year jury-rigging a POS system that
the company purchased, when you know that there are better, faster, cheaper, more
expandable options which were shoved aside in the definitions phase of the RFQ. You
visit a friend at the South Bay marina, and see your boss three slips over, bragging
to some guests about his new boat which he never mentions at the office. The
Commonwealth's registry of boats shows the vessel to be owned by a corporation in
the Netherlands Antilles. Should your communication with the SEC be secure?

2. You receive notice that the corporation's executives have transferred most of the
pension plan's assets into general funds, thus assuring themselves fat bonuses and
you a marginal retirement, and that they've also voted themselves into a different,
much more generous, "executive pension fund". You decide to organize a union and do
something about it. Should your communications with coworkers be secure?

3. You bump into the mouse on a coworker's desk while dropping off a report, and his
computer screen saver clicks off - to reveal a pornographic image involving animals
and humans. Should your communication with the corporate ethics officer be secure?

4. The company audit department calls you up and asks you to explain why the network
logs show that your PC was communicating with the office of a vendor in a
negotiation that was, at that time, in "hands off" status during a stock swap.
Should your communications with your lawyer be secure?

5. Someone drops a letter on your desk: a marginal copy found in the trash next to
the copy machine. In the letter, your boss makes fun of a physical challenge that
you've asked to have accommodated, and says you're just looking for special
treatment you don't deserve. Should your communications with the company's attorneys
be secure?

Well, I could go on - hypothetically, of course - but you get the idea.  Each of the
possibilities mentioned above justifies (and sometimes actually requires)
communicating with others without the possibility of being monitored. Each of them
justifies the use of corporate computing resources and is either protected, or
mandated, by law.

Bill Horne


-
Subcription/unsubscription/info requests: send e-mail with
"subscribe", "unsubscribe", or "info" on the first line of the
message body to discuss-request at blu.org (Subject line is ignored).