Security Basics mailing list archives
RE: web monitoring tool
From: "Imran Khan" <ikhan () eudoramail com>
Date: Mon, 14 Apr 2003 10:22:34 -0400
Greetings, I had posted this question last week and during the course, I have received tons of valuable information from both sides of the camp. I have researched on both the aspects of it and I am in the process of writing a proposal to amend the current policy so that I cover all my bases on my end and to ensure and that my entire organization is part of the process in signing off on this sort of amendment. Thanks everyone for the input on this question. Being a first timer on this forum, it has expanded my knowledge tremendously J Cheers, Imran -- On Fri, 11 Apr 2003 23:08:43 Douglas K. Fischer wrote:
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Lots of excellent points made in this thread. 1. Before you do anything, have a CYA memo of some sort from a superior, ESPECIALLY if this request places any action in direct or inferred opposition to corporate policy or legal reporting/auditing requirements. It's hard to say (and frankly irrelevant) why the executives want their surfing totally confidential. However, if there would be any backlash from this action, you need to minimize your own exposure. (My general rule of thumb is to have clear support for everything I do. If I can't point to a policy or regulation that supports an action, I make sure someone over me has provided some form of e-mail or memo that will offer such support.) 2. Chances are in addition to not wanting anything logged, the executives also do not want any of the traffic observed. I would tend to agree with the proponents for a separate dial-up or broadband Internet connection and a separate PC/laptop to totally isolate this "executive surfing" from your enterprise network. That is the cleanest way. 3. Perhaps suggesting that the execs do their "confidential surfing" from a home connection or other non-corporate location would be in order. It would be far simpler as far as keeping the traffic confidential. (Frankly, depending on their reasons for wanting to keep their activities invisible, the very act of making this request would arouse suspicion and start vicious rumours. Simply doing the surfing from home would have allowed them to keep things quiet and not have to involve anyone at the office.) Doug -----BEGIN PGP SIGNATURE----- Version: PGPfreeware 7.0.3 for non-commercial use <http://www.pgp.com> iQA/AwUBPpeDOp938qfSpraDEQIeLwCgvhhQtBj6mC/wmOVnw0kdMAZEidQAoMvy Ga/9fuqdr+Mmj9GaxHz82Z3G =xAn1 -----END PGP SIGNATURE----- ------------------------------------------------------------------- Is SPAM over-loading your e-mail server, disk space or bandwidth? SurfControl E-Mail Filter is flexible, intelligent and policy-driven protection. http://www.securityfocus.com/SurfControl-security-basics2 Download your free fully functional trial, complete with 30-days of free technical support. Stop SPAM before it stops you. -------------------------------------------------------------------
Need a new email address that people can remember Check out the new EudoraMail at http://www.eudoramail.com ------------------------------------------------------------------- Is SPAM over-loading your e-mail server, disk space or bandwidth? SurfControl E-Mail Filter is flexible, intelligent and policy-driven protection. http://www.securityfocus.com/SurfControl-security-basics2 Download your free fully functional trial, complete with 30-days of free technical support. Stop SPAM before it stops you. -------------------------------------------------------------------
Current thread:
- RE: web monitoring tool, (continued)
- RE: web monitoring tool Trevor Cushen (Apr 10)
- RE: web monitoring tool Burton M. Strauss III (Apr 10)
- RE: web monitoring tool Robinson, Sonja (Apr 10)
- Re: web monitoring tool Imran Khan (Apr 10)
- RE: web monitoring tool David Gillett (Apr 10)
- RE: web monitoring tool Douglas K. Fischer (Apr 12)
- Re: web monitoring tool Jon Pastore (Apr 14)
- RE: web monitoring tool Ken Kousky (Apr 14)
- RE: web monitoring tool David Gillett (Apr 10)
- RE: web monitoring tool Trevor Cushen (Apr 10)
- RE: web monitoring tool Chris Berry (Apr 10)
- RE: web monitoring tool Chris Santerre (Apr 11)
- RE: web monitoring tool Imran Khan (Apr 14)