RE: Securing workstations from IT guys

["Craig Wright" <Craig.Wright () bdo com au>]

As long as you also remember that as a key logger will capture
passwords, it will invalidate much of the evidence that you hope to
collect. So, yes you can capture this - but as you also capture the
authentication of the user, you have provided them with a "somebody used
my logon" defence.

So you can use them, but what is the gain?

Regards,
Dr Craig S Wright (GSE-Compliance)



Craig Wright
Manager of Information Systems

Direct : +61 2 9286 5497
Craig.Wright () bdo com au
+61 417 683 914

BDO Kendalls (NSW)
Level 19, 2 Market Street Sydney NSW 2000
GPO BOX 2551 Sydney NSW 2001
Fax +61 2 9993 9497
www.bdo.com.au

Liability limited by a scheme approved under Professional Standards Legislation in respect of matters arising within 
those States and Territories of Australia where such legislation exists.

The information in this email and any attachments is confidential.  If you are not the named addressee you must not 
read, print, copy, distribute, or use in any way this transmission or any information it contains.  If you have 
received this message in error, please notify the sender by return email, destroy all copies and delete it from your 
system. 

Any views expressed in this message are those of the individual sender and not necessarily endorsed by BDO Kendalls.  
You may not rely on this message as advice unless subsequently confirmed by fax or letter signed by a Partner or 
Director of BDO Kendalls.  It is your responsibility to scan this communication and any files attached for computer 
viruses and other defects.  BDO Kendalls does not accept liability for any loss or damage however caused which may 
result from this communication or any files attached.  A full version of the BDO Kendalls disclaimer, and our Privacy 
statement, can be found on the BDO Kendalls website at http://www.bdo.com.au or by emailing administrator () bdo com au.

BDO Kendalls is a national association of separate partnerships and entities.

-----Original Message-----

From: listbounce () securityfocus com [mailto:listbounce () securityfocus com]
On Behalf Of Frary, Brock
Sent: Thursday, 29 November 2007 7:39 AM
To: Petter Bruland; Nick Vaernhoej; security-basics
Subject: RE: Securing workstations from IT guys

Technically no.  Assuming the company has the proper policies in place,
the company can install any kind of software and/monitoring tools they
want.  Moreover most companies use a logon banner that indicate your
activities will be monitored.  Finally the equipment is a "company owned
asset" - meaning they can do anything they want with it...installing key
loggers if they wish. 


Brock

-----Original Message-----
From: listbounce () securityfocus com [mailto:listbounce () securityfocus com]
On Behalf Of Petter Bruland
Sent: Wednesday, November 28, 2007 1:11 PM
To: Nick Vaernhoej; security-basics
Subject: RE: Securing workstations from IT guys

I think installing key logger software is stepping over the line.
Although it's company assets, isn't there some sort of privacy law that
makes this illegal?

-Petter 

-----Original Message-----
From: listbounce () securityfocus com [mailto:listbounce () securityfocus com]
On Behalf Of Nick Vaernhoej
Sent: Tuesday, November 27, 2007 4:41 PM
To: security-basics
Subject: RE: Securing workstations from IT guys

A key logger? At what point are we crossing the line of common decency
towards co-workers?
I realize it is company property and all, but if you log access to
sensitive files and audit these logs do you really need to be more
intrusive?

This is not an attack, more a tagged on question to everyone?
Is keystroke logging commonly accepted by you?

Nick Vaernhoej
"Quidquid latine dictum sit, altum sonatur."


-----Original Message-----
From: listbounce () securityfocus com [mailto:listbounce () securityfocus com]
On Behalf Of Vandenberg, Robert
Sent: Tuesday, November 27, 2007 11:18 AM
To: security-basics
Subject: RE: Securing workstations from IT guys

 
Those are good points.

I would recommend that you put in a keystroke logger program with the
written approval of your upper management on the PCs in question and
then download the logs each day.  That way you are able to create a
forensics "e-Trail" that can be used to confront/counsel/etc. them.  I
would also make sure that you look at your documenation and ensure that
each IT person has signed a document stating that they will not use
their abilities improperly.  Combine those two and you have a means of
pursuing them legally. 


This electronic transmission is intended for the addressee (s) named
above. It contains information that is privileged, confidential, or
otherwise protected from use and disclosure. If you are not the intended
recipient you are hereby notified that any review, disclosure, copy, or
dissemination of this transmission or the taking of any action in
reliance on its contents, or other use is strictly prohibited. If you
have received this transmission in error, please notify the sender that
this message was received in error and then delete this message.
Thank you.

This e-mail transmission contains information that is confidential and
may be privileged.   It is intended only for the addressee(s) named
above. If you receive this e-mail in error, please do not read, copy or
disseminate it in any manner. If you are not the intended recipient, any
disclosure, copying, distribution or use of the contents of this
information is prohibited. Please reply to the message immediately by
informing the sender that the message was misdirected. After replying,
please erase it from your computer system. Your assistance in correcting
this error is appreciated.