<div dir="ltr"><br><div class="gmail_extra"><br><div class="gmail_quote">On Mon, Sep 8, 2014 at 2:05 PM, Beddingfield, Allen <span dir="ltr"><<a href="mailto:allen@ua.edu" target="_blank">allen@ua.edu</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">My biggest issue with this approach is that each system requires manual intervention to come up. We already have our Oracle drones insisting that they bring Oracle up manually....sigh.<br>
Luckily, our HIPAA compliant systems are all Windows-based, and a problem for another team :D<br>
We do have some PCI systems, and that is an unbelievable list of requirements, down to not locating PCI VMs on the same virtualization host as non-PCI VMs.<br></blockquote><div><br></div><div>I would like to see the logic behind that last one!<br> <br></div><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
Allen B.<br>
<span class="">--<br>
Allen Beddingfield<br>
Systems Engineer<br>
The University of Alabama<br>
<br>
________________________________________<br>
From: <a href="mailto:ale-bounces@ale.org">ale-bounces@ale.org</a> [<a href="mailto:ale-bounces@ale.org">ale-bounces@ale.org</a>] on behalf of Jim Kinney [<a href="mailto:jim.kinney@gmail.com">jim.kinney@gmail.com</a>]<br>
</span>Sent: Monday, September 08, 2014 12:12 PM<br>
<span class="im HOEnZb">To: Atlanta Linux Enthusiasts<br>
Subject: Re: [ale] OT - SED drive compatibility<br>
<br>
</span><span class="im HOEnZb">Added layer of physical security for HIPAA compliance led to the wholesale<br>
adoption. Yes, remote access and data theft would occur to a decrypted<br>
filesystem once it's running. But much of my work often requires encrypted<br>
data at rest for many system and the performance hit is essentially trivial<br>
compared to the rest of the system, so it's easy to to keep that as a<br>
default. The HPC systems have absolutely all security disabled and are<br>
hidden behind firewalls on private LAN, etc.<br>
<br>
It also indicates a level of unsure trust of the physical access to the<br>
systems. Never had an issue but don't want to be on the wrong end if<br>
something does happen.<br>
<br>
<br>
</span><div class="HOEnZb"><div class="h5">_______________________________________________<br>
Ale mailing list<br>
<a href="mailto:Ale@ale.org">Ale@ale.org</a><br>
<a href="http://mail.ale.org/mailman/listinfo/ale" target="_blank">http://mail.ale.org/mailman/listinfo/ale</a><br>
See JOBS, ANNOUNCE and SCHOOLS lists at<br>
<a href="http://mail.ale.org/mailman/listinfo" target="_blank">http://mail.ale.org/mailman/listinfo</a><br>
</div></div></blockquote></div><br><br clear="all"><br>-- <br><div dir="ltr">-- <br>James P. Kinney III<br><i><i><i><i><br></i></i></i></i>Every time you stop a school, you will have to build a jail. What you
gain at one end you lose at the other. It's like feeding a dog on his
own tail. It won't fatten the dog.<br>
- Speech 11/23/1900 Mark Twain<br><i><i><i><i><br><a href="http://heretothereideas.blogspot.com/" target="_blank">http://heretothereideas.blogspot.com/</a><br></i></i></i></i></div>
</div></div>