http://www.rsasecurity.com Invest in a copy of SecurID, and get keyfobs for your users.
We're front ending OWA with the SecurID web security piece, which requires 3 factor authentication, which pretty much kills the ability for a keystroke grabber to get anything useful. ------------------------------------------------------ Roger D. Seielstad - MCSE Sr. Systems Administrator Inovis - Formerly Harbinger and Extricity Atlanta, GA > -----Original Message----- > From: Martin, Jon [mailto:[EMAIL PROTECTED]] > Sent: Wednesday, December 11, 2002 3:22 PM > To: Exchange Discussions > Subject: Securing the OWA Kiosk > > > How are folks handling the following potential security risks > using OWA from > unsecured workstations, such as a kiosk or library environment? > > 1. Cached web pages, etc. on the workstation. User walks away without > closing the browser, the next user has access to the previous > users' email. > > 2. Stealth keyboard capture program grabs userids and passwords. > > It seems like there is a common train of thought about remote > OWA that 'It > is only email, what is the worst that could happen?' My take > is someone who > has unauthorized access to email can potentially: > > - Get people fired; > - Get people arrested; > - Get companies/people sued; > - Cost companies/people money. > > Thanks . . . > > Jon Martin > Systems Programmer > East Bay Municipal Utility District (EBMUD) > Oakland, CA > > > > _________________________________________________________________ > List posting FAQ: http://www.swinc.com/resource/exch_faq.htm > Archives: http://www.swynk.com/sitesearch/search.asp > To unsubscribe: mailto:[EMAIL PROTECTED] > Exchange List admin: [EMAIL PROTECTED] > _________________________________________________________________ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Archives: http://www.swynk.com/sitesearch/search.asp To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin: [EMAIL PROTECTED]