HPaulsen wrote:Going back to the beginning, I wonder whether exported files should be encrypted immediately, even on the ward computer. We just had ours stolen in a seemingly targeted attack (perhaps for the purpose of information mining), and my greatest concern is that there might be a Membership.csv somewhere in it.
Wow. That is a scary story. Physical security is hugely important for lots of reasons. The password policy for Windows logins on that box is pretty loose in the first place, by the standards of many sysadmins.
Even without such a gross incident, there are good reasons not to have such files sitting around on the computer.
There are multiple users (EQ, HP and RS secretaries, for example) who have legitimate access to the computer but who probably shouldn't have access to the confidential detail in such files. I occasionally delete export files that bishopric members have left behind. Like so many elements of security, the human factor is usually the greatest vulnerability.
EDIT: And speaking of the human factor, users really should be picking strong passwords for any zip files. (And end users almost never do.) This is especially important on removable media because these files are vulnerable to brute-force, dictionary-style attacks. One advertised advantage to the SanDisk's whole-disk encryption is that, being software-based, the device is supposed to shut down and self-destruct after some finite number of failed attempts to open its vault.