Originally Posted by camimac
Pardon my ignorance, but what exactly does the Sarbanes-Oxley Act got to do with this?
S-O requires that certain types of businesses provide information technology infrastructure to support adequate auditing of high-risk financial transactions. That means data backups that are secure and reliable.
Similarly, HIPPA requires that health care providers take adequate measures to ensure the privacy and security of patient medical information.
In both cases, a backup system that is not working properly would fail the test. Further, there has been no mention of whether AirDisk backup via Time Machine would be encrypted or broadcast in the clear. To comply, it would have to be encrypted.
As I understand it, based on communications from Apple, there is a similar problem with certain backup and syncing scenarios in .Mac services, In some case, user information is broadcast over the Internet in the clear, where it can be hijacked by anyone who knows to look for it. Again, neither S-O or HIPPA compliant.
Hopefully Apple is moving to address these security issues. It would be an impressive and strategic marketing move for them to do so. If we have to wait a little bit for them to get it right, so be it. Better that than have company get mired down in lawsuits.