Hey now. Security is my other gig. Not all of us Security Officers are idiots.
Christopher J. Bosak Vector Company c. 847.603.4673 [EMAIL PROTECTED] "You need to install an RTFM Interface, due to an LBNC issue." - B.O.F.H. (Merged 2 into 1) - Me From: Oliver Marshall [mailto:[EMAIL PROTECTED] Sent: Wednesday, October 22, 2008 03:01 hrs To: NT System Admin Issues Subject: RE: Stopping users emailing out internal docs I'm amazed the security guard even noticed the hard disk activity. Are you sure he wasn't responsible ? J From: Steve Moffat [mailto:[EMAIL PROTECTED] On Behalf Of NTSysAdmin Sent: 21 October 2008 21:43 To: NT System Admin Issues Subject: RE: Stopping users emailing out internal docs It also doesn't protect the cloning of hard drives, which, funnily enough, happened to one of my clients on Monday. Security guard saw some disk activity going on, hit the keyboard and voila, Ghost was in action.....CFO's pc, the bugger had installed an extra hdd. S From: Sherry Abercrombie [mailto:[EMAIL PROTECTED] Sent: Tuesday, October 21, 2008 5:34 PM To: NT System Admin Issues Subject: Re: Stopping users emailing out internal docs Policies to prevent the unauthorized use of usb ports. There's good software that will do this, and will apply even on machines (laptops) that are off the network. On Tue, Oct 21, 2008 at 3:28 PM, NTSysAdmin <[EMAIL PROTECTED]> wrote: Would that stop them dragging & dropping onto a usb stick? S From: David Lum [mailto:[EMAIL PROTECTED] Sent: Tuesday, October 21, 2008 5:11 PM To: NT System Admin Issues Subject: RE: Stopping users emailing out internal docs Good job guys, Information Rights Management, that's it. http://office.microsoft.com/en-us/help/HA101029181033.aspx Dave From: Oliver Marshall [mailto:[EMAIL PROTECTED] Sent: Tuesday, October 21, 2008 12:19 PM To: NT System Admin Issues Subject: RE: Stopping users emailing out internal docs And thats still part of Office Server isn't it ? From: Kennedy, Jim [mailto:[EMAIL PROTECTED] Sent: 21 October 2008 20:15 To: NT System Admin Issues Subject: RE: Stopping users emailing out internal docs Microsoft's Rights Management can do much of what you seek. Although it isn't perfect and can be beat it should get you to be able to say you tried really hard to the lawyers. From: Oliver Marshall [mailto:[EMAIL PROTECTED] Sent: Tuesday, October 21, 2008 2:59 PM To: NT System Admin Issues Subject: RE: Stopping users emailing out internal docs Remember remember..... From: David Lum [mailto:[EMAIL PROTECTED] Sent: 21 October 2008 19:43 To: NT System Admin Issues Subject: RE: Stopping users emailing out internal docs I seem to think InfoPath or Groove or some other MS tool can do this kind of job - you can select an e-mail and effectively make it "unforwardable", it was pretty slick.now if I could only remember what product it was. David Lum // SYSTEMS ENGINEER NORTHWEST EVALUATION ASSOCIATION (Desk) 971.222.1025 // (Cell) 503.267.9764 From: Oliver Marshall [mailto:[EMAIL PROTECTED] Sent: Tuesday, October 21, 2008 11:00 AM To: NT System Admin Issues Subject: Stopping users emailing out internal docs Hi chaps, We've had a case this week of a client who found out a user, who is in the process of being let go, had emailed out to their personal gmail account a copy of all the internal documents, logos, process diagrams, etc. The user is now undergoing disciplinary action and facing possible legal action. However, while it's almost impossible to prevent a user from emailing a document out if they really want to, companies are obliged to have a policy in place requiring them not to doing so, and here in the UK that policy has to be seen to be implemented and enforced if it is to be referred to in any action. We've suggested a proper compliance level archival service in order to allow for emails to be restored even when users delete emails from their machines (and their recoverable deleted items in this case). Elsewhere we have used similar services to also report on certain file types, file names and sizes of files being sent, and use them to bounce emails under certain conditions. Bouncing certain emails, while a very limited short-stick, does allow for the policy to be seen to be in place if people are as silly as to send out documents with certain names etc (like Accounts2008.xls etc). What do other companies do to help either prevent people sending docs out, or to cover themselves legally should they have to take action against a user for doing so, or to highlight when a user is doing so? Olly -- G2 Support Network Support : Online Backups : Server Management Email: [EMAIL PROTECTED] Web: http://www.g2support.com <http://www.g2support.com/> -- Sherry Abercrombie "Any sufficiently advanced technology is indistinguishable from magic." Arthur C. Clarke ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~
