Stupid Encryuption

Client: “What the best practice for sending financial or other information that needs to be secure. Someone mentioned “Lock Box” or other sites like this. Is this a data sharing site? I know there has been some recent controversy over a data sharing site that was shut down recently.”

Consultant: “What types of data are you dealing with, and where and with whom are you trying to share this data? There are different types of security options available depending on what the data is and where and how it is being shared.”

Client: “It is company financial data along with some sensitive salary and benefit information that my boss wants sent to a particular individual.”

Consultant: “Encrypting the data is quite simple. Setting it up so that the recipient can DEcrypt it is the tricky part and depends on the recipient’s technical capabilities, which we don’t know.”

Client: “Frankly, I am not worried about their end of things, my only concern is getting this information encrypted and sent per my boss’ ASAP request.”

Consultant: <facepalm>


Despite further attempts to explain to Client, a corporation’s Chief Financial Officer, the importance of knowing if the receiving party has the capability to decrypt software, Consultant was unable to do so.