Security Basics mailing list archives
RE: Securing workstations from IT guys
From: "Petter Bruland" <pbruland () fcglv com>
Date: Tue, 27 Nov 2007 11:21:03 -0800
Hmmm If you find someone you cannot trust and that person is doing harm to the corp, then the person should be fired. And before you do that, you better make sure that once the person is fired, he/she cannot get back in through some back door that the person made. Also, make sure that the way of "capturing" the offender is done in a legal manner. Like if you do use some spy software or key logger, it's in the policy manual to cover you from any legal action that the fired person might take. Moving files to USB drives or encrypting them seems like a jolly good idea, but this means more work for the person using the files, which means it won't work. If you have to add an extra step for an end user, the end user will find a way to avoid that extra step... that's just human nature :-) What should be done is that all files are saved to a network share where only the people who needs to access the files, can. No need for Help Desk / non admin IT staff to have access to ANY corp files what so ever. I might be repeating a lot of similar posts here, but it's really not that complicated to fix this issue with the proper ACLs set on network shares. -Petter -----Original Message----- From: listbounce () securityfocus com [mailto:listbounce () securityfocus com] On Behalf Of Brad Bendily Sent: Tuesday, November 27, 2007 10:30 AM To: security-basics Subject: Re: Securing workstations from IT guys On Nov 26, 2007 9:13 PM, Lim Ming Wei <mwlim () pacific net sg> wrote:
Use encryption program to encrypt those files. Password function in the normal MS Word application does not help. If you have problem installing the program. You might want to consider saving the file in
an alternative storage media such as a USB Thumb drive.
Yeah, this is a good point, something like truecrypt could do this very well. www.truecrypt.org -- Have Mercy & Say Yeah
Current thread:
- Re: Removable media, (continued)
- Re: Removable media Albert R. Campa (Nov 30)
- Re: Securing workstations from IT guys Vinny (Nov 29)
- RE: Securing workstations from IT guys Craig Wright (Nov 29)
- RE: Securing workstations from IT guys Frary, Brock (Nov 29)
- RE: Securing workstations from IT guys Nick Vaernhoej (Nov 29)
- RE: Securing workstations from IT guys Craig Wright (Nov 29)
- Re: Securing workstations from IT guys Mark Owen (Nov 29)
- Re: Securing workstations from IT guys Patrick J Kobly (Nov 29)
- RE: Securing workstations from IT guys Vandenberg, Robert (Nov 28)
- RE: Securing workstations from IT guys Petter Bruland (Nov 27)
- RE: Securing workstations from IT guys Craig Wright (Nov 28)
- RE: RE: Securing workstations from IT guys David Gillett (Nov 27)