So a Yahoo mail account has been hacked, well they are only one or two belonging to the Governor of a US State, potentially the next Vice-President and therefore only a vote / heartbeat away from the Presidency. Ed Brill has linked to this excellent article making the case for considering the potential risks and downsides for externally hosted mail and webmail in particular.
- Trust – is the originator who they say they are?
- Security – are the intermediate hosts fully locked down?
- Privilege – Can the administrators of the system access my content?
- Compliance – Does information storage meet SOX (or equivalent) regulations?
- Control – Can I impose an archival regime?
- Ubiquitous – Is access to content easily achieved outside of the firewall or disconnected from the network and then does it stay in a guaranteed secure environment?
- Housekeeping – Can corrupted or accidently deleted information be easily recovered?