HP3000-L Archives

June 2003, Week 2

HP3000-L@RAVEN.UTC.EDU
Options: Use Monospaced Font
Show Text Part by Default
Show All Mail Headers

Message: [<< First] [< Prev] [Next >] [Last >>]
Topic: [<< First] [< Prev] [Next >] [Last >>]
Author: [<< First] [< Prev] [Next >] [Last >>]

Print Reply
Subject:
Re: Where lays the responsibility?
From:
Gary Sielaff <[log in to unmask]>
Reply To:
Gary Sielaff <[log in to unmask]>
Date:
Fri, 13 Jun 2003 09:59:30 -0700
Content-Type:
text/plain
Parts/Attachments:
text/plain (64 lines) 
Wait a minute.  After reading your reply again, I'm not sure who 'owns' the
data.  The 'Agent' hosts the application on his server.  I need to dig
deeper here.  I will check in after some phone calls.
tks again
Gary
----- Original Message -----
From: "Gary Sielaff" <[log in to unmask]>
To: "Patrick Santucci" <[log in to unmask]>;
<[log in to unmask]>
Sent: Friday, June 13, 2003 9:51 AM
Subject: Re: [HP3000-L] Where lays the responsibility?


> Sorry about that.  I was typing and not thinking.  You are correct.  The
> agent owns the data.  I am the connectee or user (really dumb terminology
> now that I look at it).
> We share the same opinion on this matter.
> tks
> Gary
> ----- Original Message -----
> From: "Patrick Santucci" <[log in to unmask]>
> To: "Gary Sielaff" <[log in to unmask]>;
<[log in to unmask]>
> Sent: Friday, June 13, 2003 9:39 AM
> Subject: RE: [HP3000-L] Where lays the responsibility?
>
>
> Gary Sielaff wrote:
>
> > This must have been a really really dumb question huh?  I didn't get
> but
> > one reply.
>
> Actually, I was having trouble understanding your terminology. Who is
> the "Agent" and who is the "Connectee"? Which of these owns the data?
>
> Ultimately, IMO the owner of the data is responsible for ensuring that
> it is secure. That means monitoring, auditing and testing any entity you
> have entrusted with your data for security flaws. If I allow my
> customers' credit card numbers to be stored on my web-hosting company's
> site and someone breaks in and steals them, I better be able to document
> that I did everything possible to investigate that likelihood and take
> all reasonable steps to prevent it from happening.
>
> Does that mean hiring consultants to try to hack into the site and steal
> them? Probably not, but I might if I didn't think the web-hosting
> company wasn't being careful enough with my data, or if they gave me
> vague answers about exactly what security they had in place.
>
> Just my $0.02,
> Patrick
> ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
> Patrick Santucci
> HP e3000 Systems Administrator
> Computer Operations Team Lead
> Networking Services Department
> Cornerstone Brands, Inc.
>
> http://cornerstonebrands.com
>

* To join/leave the list, search archives, change list settings, *
* etc., please visit http://raven.utc.edu/archives/hp3000-l.html *

ATOM RSS1 RSS2