Security Basics mailing list archives

Re: New workplace security measures. Are they usual?

From: Andy Colson <andy () squeakycode net>
Date: Mon, 19 Jul 2010 12:55:15 -0500

On 7/18/2010 1:03 AM, securityfocus () aldomedina com wrote:

In my new workplace, they recently implemented severe security measures:
security guards, video cams in every hall, they changed all the BIOS and
administrator passwords, protected the computers from case-opening, limited
all the Windows accounts. I assume this is fine (I don't know the Mexican
law about this).

However, they also installed a VNC server in every computer, and I'm
concerned because I believe they can fake any file, document or even email
as if I had wrote them. They should also be able to see everyone of my files
and communications, even the private ones. Am I alright? Is this usual in a
work environment? Is this legal in US or in Mexico?

Have no idea if its usual, or legal. I would offer though that itspossible to fake an email from you without you running vnc. And anadmin (or hacker) can read all your "private" files without vnc. Anadmin can create a file on the network, and assign its owner to you...making it look like you created it.

There are already packet sniffers on the network, so even without vnc onyour computer, they can read your emails and your IM's.


vnc is bad, yes, but it was already bad.

-Andy

------------------------------------------------------------------------
Securing Apache Web Server with thawte Digital Certificate
In this guide we examine the importance of Apache-SSL and who needs an SSL certificate.  We look at how SSL works, how 
it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase, 
install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are 
highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates.

http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1
------------------------------------------------------------------------

Current thread:

New workplace security measures. Are they usual? securityfocus (Jul 19)
- Re: New workplace security measures. Are they usual? Andy Colson (Jul 19)
- Re: New workplace security measures. Are they usual? Todd Haverkos (Jul 19)
  - RE: New workplace security measures. Are they usual? Murda (Jul 20)
    - RE: New workplace security measures. Are they usual? Boyd, Chad (Jul 20)
  - RE: New workplace security measures. Are they usual? securityfocus (Jul 20)
    - RE: New workplace security measures. Are they usual? Erik Soosalu (Jul 20)
    - Re: New workplace security measures. Are they usual? Todd Haverkos (Jul 20)
- Re: New workplace security measures. Are they usual? Marc-André Laverdière (Jul 21)
- <Possible follow-ups>
- Re: New workplace security measures. Are they usual? tim (Jul 19)
  - RE: New workplace security measures. Are they usual? Murda (Jul 20)
    - Re: New workplace security measures. Are they usual? Todd Haverkos (Jul 21)

(Thread continues...)