Slashdot Mirror

← Back to Stories (view on slashdot.org)

How Would You Prefer To Send Sensitive Data?

Posted by samzenpus on from the by-armored-truck dept.

sprkltgr writes "Our HR department is implementing new software. The HR Director has tasked me with sending our data out of our network to the consultant that's loading it in to the new package. Obviously this data includes items such as SSN, name, birth date, etc. Upon being told that I would not email this data to her, the consultant asked what my security requirements were for sending the data. What would be on your wishlist for the best way to send sensitive data to someone outside your firewall?"

10 of 542 comments (clear)

  1. Password protected PDF! by Boogaroo · · Score: 5, Funny

    Redacted using FBI security techniques will guarantee absolutely nobody will be able to see it.
    Make sure you send the password with the file.

    1. Re:Password protected PDF! by genderbunny · · Score: 5, Funny

      Nice, but it will never be as secure as sending a Word document with the font changed to Windings.

    2. Re:Password protected PDF! by enoz · · Score: 4, Funny

      Send it in OOXML, Word won't even open it!

  2. By Hand by rueger · · Score: 5, Funny

    Deliver it by hand.... if you're lucky they'll give you one of those cool attache cases that handcuffs to your wrist.

    --
    Three Squirrels
    1. Re:By Hand by Dirtside · · Score: 4, Funny

      No, if you're lucky, they'll include a key. If you're not, they'll include a hacksaw.

      --
      "Destroy science and religion. Science would re-emerge exactly the same; but not religion." - Penn Jillette, paraphrased
  3. OTP by Iamthecheese · · Score: 4, Funny

    Well, the first thing you need is physical security. I would reccommend Blackwater for their premium quality goons. You'll need at least two platoons and a morter squad. Then you'll want to hand-deliver a one time pad to their secure vault, with a completely off-network computer to do the decryption. You can solder off all the connections except a secure thumb drive for the OS and the DVD containing the OTP. You'll have to keep your own copy of the OTP in your own vault. And I highly recommend Windows ME on a Dell for the encryption routine.

    --
    If video games influenced behavior the Pac Man generation would be eating pills and running away from their problems.
  4. Spy Style by bsDaemon · · Score: 5, Funny

    Encrypt the drive and put it in a locked case, handcuffed to your wrist. Have a second person carry the key to the handcuffs and to the case and take a separate train. Just for good measures, send out decoys for both yourself and the man with they. Rendezvous at the consultant's headquarters.

    Don't forget to wear mirrored sunglasses.

  5. Re:PGP by beav007 · · Score: 5, Funny

    PGP or GPG I've been hearing good things about ROT-13. Which one of these uses ROT-13?
  6. Re:PGP by Anne_Nonymous · · Score: 5, Funny

    Alternately, you could quantum encrypt the data, send the key by smoke signal, and nuke the entire site from orbit. It's the only way to be sure.

  7. Re:Red flag. by SanityInAnarchy · · Score: 4, Funny

    Just so long as you at least verify fingerprints via the phone. Fingerprints aren't any more secret than the public key, but at least on the phone, a MITM insertion attack is much more difficult -- they would sound different.

    --
    Don't thank God, thank a doctor!