Public Records request and encrypted email

Status
Not open for further replies.

wcburton

IS-IT--Management
Apr 4, 2002
269
US
I am not the Notes admin but I supervise one. Our admins keep a list of everyone's passwords so that they can get into the users' mailboxes and print out the encrypted emails to satisfy public records requests.

I am trying to find out if I can end this practice or if this truly is a flaw in Notes administration. I found this other thread that helps somewhat but I need the answer to how to print the encrypted emails.

From thread
1. Ensure your users change their password after being set up. Teach them how to change it or, better still, sync with a directory such as AD and NDS.
2. Keep a copy of your Notes.id for every user with a default password, but ensure you have these files in a very secure location.
3. Keep your Cert.id and server.id secure as well.
4. Do not use a default password like "lotusnotes" for these IDs.

Can these notes.id files with a default password be used to read the encrypted mail, or only used to regain access when a user forgets their password? Do you have to log in as the user to read the encrypted mail?

A slightly related question (will repost separately if needed):
If a user leaves, and the person's manager needs to access the mailbox to see what they were working on, does the manager need to log in as the user or is there a way to import the encryption key into the manager's ID file?
 
Hi

I manage a Lotus environment for a top 200 and we do the same as your administrator for the reasons that you mention.
Users are always forgetting their password and the only way is to register the user again and redo the ACLs; this is painful and clumsy and any encrypted mail would be lost to the user.
We assign the helpdesk and the Lotus admins (two staff) full rights to the mailboxes; however, we do not let the helpdesk staff see their managers' mailbox or the admins' mailbox, which may contain sensitive username passwords (not just for Notes). The admins (if they trust each other) can assign each other the rights to their mailbox in case they ever lock themselves out or have an issue with the database that needs repair.
We back up the "ID" files which get created when a user is created to a safe location with limited access. Access to these files and/or the admin.id bypasses all security that might be in place so care must be taken.
Having said that, it is recommended that users do not encrypt mail at the desktop unless absolutely necessary, as security and surveillance systems are not able to check the files being sent. If encrypted files are being sent and cannot be checked or verified, then breaches of your email policies could be occurring and you would never know, i.e. sensitive company files may be leaving the company. We are in the financial markets and this is a big no-no - "Insider trading etc just to name one"
Security guys prefer to encrypt at the perimeter (at the mail gateway); this way they can have their sensors placed in before the encryption for mail leaving the company and after the decryption for mail entering the company.
As for employees who leave, we just give the manager access to the user's mail file, usually without the delete rights.

Hope this helps.



David




 