CORIATS
Security Issues
Date of last Update: 06 August 1998
|
CORIATS
|
|
|
Questions of Internet Security have drawn much attention, as use of the network for business has increased dramatically over the past months. Christopher Coriat delivered a presentation at the Offshore 2000 in London dealing with "Confidentiality, Security and Due Diligence on the Internet". His address on this topic formed part of the symposium on "Offshore and the Internet". An outline of the session can be found via our Library Area, or may be accessed directly from this link. Mr. Coriat will also address the Sixth Annual Forum on Offshore Trusts, to be held at The Biltmore in Coral Gables, Florida 14-16 April 1997. This conference is sponsored by the Institute for International Research, in conjunction with the Society of Trust and Estate Practitioners. Entitled "Trustees Toward 2000", the session looks ahead at using information technology to provide improved service in the trust industry. Concentrating on Internet and Intranet connectivity, Mr.Coriat will deal with crucial legal and security issues. Failure to interface their systems is bound to relegate some service providers; however in this area it pays to be brave, not foolhardy. The recommended approach centres on advanced research, informed decisions, and avoidance of extremes. An excellent resource for further information is Purdue University's comprehensive Computer Operations, Audit and Security Technology ("COAST") web site. CORIATS Internet Domain is entirely separate from our internal information systems network, and no operational or client data is accessible to or from the Internet. Whilst research is being conducted into secure reporting for limited purposes, no online connection between the Internet and any of the Trust Company's private systems will be allowed until and unless sufficient technology is available to maintain security at appropriate levels. The commercial use of Internet E-Mail for global communications is increasing dramatically. However messages resemble instant postcards, readily readable by any casual observer. It would, of course, be unheard of for a bank to correspond with customers by postcard. Nonetheless, technology so convenient, timely and cost-effective can hardly be ignored. The solution is simply to scramble messages so that they cannot be read if intercepted. Tools to accomplish this are becoming readily available, and ever better integrated with other software. The most universally accepted system is PGP. Despite certain legal restrictions as to which version may be used in various countries, there is broad compatibility between versions. The Trust Company carries full support for both inbound and outbound encryption of messages using PGP. Public Encryption Keys (used to scramble messages to a specific recipient, and thus readable only by that person) for Christopher Coriat and Christine O'Reilly are available to download. The files are tiny (1k each), but require PGP in order to use. Clients outside North America should refer to the International PGP site in order to determine which version is best for them. The Trust Company will be pleased to assist Clients (but not others) in determining the appropriate version, and putting it to use in the most convenient manner. Please E-Mail the IT unit at CORIATS for advice. It is the policy of the Trust Company that offshore services (including encryption) should never be used to facilitate or conceal illegal operations, and that only legitimate, defensible work will be conducted. The Trust Company reserves the right to, and will, refuse any business considered doubtful. |