digitalhomecanada.com — Companies have begun to establish policies that prevent personal laptops and USB keys from entering the workplace. With a drive that can easily be slipped into a shirt, an employee now has the potential to download and store thousands or hundreds of thousands of records which could contain sensitive information about a company's operations.
Jul 17, 2006 View in Crawl 4
masonreloadedJul 18, 2006
Most company firewalls aren't setup to stop somebody logging onto Yahoo Mail and attaching a file... That's what I don't get these days - people are worried about ipods/usb drives but emailing information is almost as quick... although probably a bit more traceable.
shredswithpiksJul 18, 2006
"most new PCs have no PS/2... etc"Dell offers a serial/PS/2 card to throw in machines without PS/2 built into the motherboard. My workplace (I'm IT) buys these for the specific reason of being able to turn off USB. Except that we don't turn off USB.USB drives/Personal laptops have been banned from my workplace for a *long* time. Actually, anything not company issued isn't allowed to touch anything connected to our network. It's incredibly obnoxious... but there is a huge security risk for a lot of companies, especially those ranked high on the "likely to be attacked by terrorists" list.
haiyadragonJul 18, 2006
What about e-mail assh**es? What about a secure connection to my Linux rig assh**es? What about the other thousand ways to do it through internet?These companies that have begun to establish policies don't know the first thing about security. I expect every computer at these companies to allow full admin access to every user as well as full internet access.
Closed AccountJul 18, 2006
"Yes. I'm sure that companies who don't allow thumb drives will be installing CD-R and DVD-R on every machine."Actually, they do. Most dells come with them, and most companies, for some reason, outfit their operations with Dell PCs (how do you think they're so popular?)
jlduggerJul 18, 2006
It's not incredibly hard to disallow the bios from booting off of USB, floppy or CD, etc, and then ensure that the system it boots into refuses to access USB mass storage drives, without otherwise adversely affecting the system. I've also seen places where the internet is disallowed, but that's mostly reguarding DoD clearance stuff. Developers working without Google must cost them in one way or another!But seriously, it doesn't take much effort to circumvent a device you have physical access to. You can just replace the hard drive, You can pull the BIOS battery and short something to reset it. You can put keyloggers on the keyboards. But most of these activities require a significant amount of time and you'll look out of place doing it. Protecting against an inside job is one of the hardest, if not impossible, tasks set before a computer security team, and woe unto the knowledge worker who finds such a group between them and their job.