As part of a new eDiscovery effort, we send large amounts of data on encrypted hardware to third parties (outside counsel) that are not very technically proficient (so no key exchange via PGP desktop). Our compliance policy states no passwords in emails but IT Sec team has no great workaround other than voice communication. What other ways can we communicate this password? Is the fact that the email is completely separated from the hardware good enough? Please let me know your thoughts.
Aucun commentaire:
Enregistrer un commentaire