[brlug-general] email encryption - Was Re: [Discuss] Dell Mini 10

Wed Jul 8 09:24:57 CDT 2009

Ugh. I hate all of the crap that our SMTP server appends to emails.

You're right. It doesn't exist. It's buzzword crap that companies who
don't know any better put on their emails to make their clients (who
don't know any better) feel better.

In fact, since the emails with the login information are in plain text
and could be intercepted, if someone stole a registration email, they
could simply login to the server and retrieve the file as well. I'm not
sure how this makes documents safer to send by email, except by adding
additional steps for an attacker to get the credentials. 

From: general-bounces at brlug.net [mailto:general-bounces at brlug.net] On
Behalf Of Shannon Roddy
Sent: Wednesday, July 08, 2009 8:48 AM
To: general at brlug.net
Subject: [brlug-general] email encryption - Was Re: [Discuss] Dell Mini
10

Ok.  This has been bugging me for a while now.  

On Wed, Jul 8, 2009 at 8:35 AM, Jarred White <jwhite at pncpa.com> wrote:

New Email Encryption Software to Further Protect Confidential Data

[snip]

	Emails with attachments will include a link to a secure web
server.  Click on the link to download the attachment.
	The first time you receive a secure email from the firm you will
be required to setup a password.  This will
	be your password to access future attachments.

[snip]

Someone please explain to me how this is email encryption?  Stripping
attachments and placing them on a web server does not make it "email
encryption".  Nor does placing a file on a SSL web server make the file
encrypted.

My $.02, probably worth less.

-----------------------------------------------------------------------------------------------------
Pursuant to IRS Circular 230 and IRS regulations we inform you that any federal tax advice
contained in this communication is not intended or written to be used, and cannot be used, 
for the purpose of avoiding penalties imposed under the Internal Revenue Code.

------------------------------------------------------------------------------------------------------------------
Postlethwaite & Netterville Implements New Email Encryption Software to Further Protect Confidential Data

Confidentiality is a hallmark of the accounting profession and it is of the utmost importance to our client
relationships.  At P&,, we are committed to keeping your data confidential which is why we are implementing
new email encryption software.  This software inspects all outbound emails from our firm.  Emails that 
contain attachments will require you to enter a password to download the file.  This ensures that your
confidential data cannot be read by anyone other than the intended recipient.

Emails with attachments will include a link to a secure web server.  Click on the link to download the attachment.
The first time you receive a secure email from the firm you will be required to setup a password.  This will
be your password to access future attachments.  For our clients and others, there will be a small step to
download the encrypted files; however, we believe the added confidentiality benefits far outweigh the few
seconds that are required to access the attachment.

If you have questions regarding this new process or if you forget your password, please contact Jessica Aymond, 
P&  Network Administrator, at 225.922.4600.
=====================================================================================================

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://brlug.net/pipermail/general_brlug.net/attachments/20090708/7f8d0f72/attachment.html>