RE: Stopping users emailing out internal docs
+2 Z Edward E. Ziots Network Engineer Lifespan Organization MCSE,MCSA,MCP,Security+,Network+,CCA Phone: 401-639-3505 From: Christopher J. Bosak [mailto:[EMAIL PROTECTED] Sent: Wednesday, October 22, 2008 8:01 AM To: NT System Admin Issues Subject: RE: Stopping users emailing out internal docs Hey now. Security is my other gig. Not all of us Security Officers are idiots. Christopher J. Bosak Vector Company c. 847.603.4673 [EMAIL PROTECTED] You need to install an RTFM Interface, due to an LBNC issue. - B.O.F.H. (Merged 2 into 1) - Me From: Oliver Marshall [mailto:[EMAIL PROTECTED] Sent: Wednesday, October 22, 2008 03:01 hrs To: NT System Admin Issues Subject: RE: Stopping users emailing out internal docs I'm amazed the security guard even noticed the hard disk activity. Are you sure he wasn't responsible ? :-) From: Steve Moffat [mailto:[EMAIL PROTECTED] On Behalf Of NTSysAdmin Sent: 21 October 2008 21:43 To: NT System Admin Issues Subject: RE: Stopping users emailing out internal docs It also doesn't protect the cloning of hard drives, which, funnily enough, happened to one of my clients on Monday. Security guard saw some disk activity going on, hit the keyboard and voila, Ghost was in action.CFO's pc, the bugger had installed an extra hdd. S From: Sherry Abercrombie [mailto:[EMAIL PROTECTED] Sent: Tuesday, October 21, 2008 5:34 PM To: NT System Admin Issues Subject: Re: Stopping users emailing out internal docs Policies to prevent the unauthorized use of usb ports. There's good software that will do this, and will apply even on machines (laptops) that are off the network. On Tue, Oct 21, 2008 at 3:28 PM, NTSysAdmin [EMAIL PROTECTED] wrote: Would that stop them dragging dropping onto a usb stick? S From: David Lum [mailto:[EMAIL PROTECTED] Sent: Tuesday, October 21, 2008 5:11 PM To: NT System Admin Issues Subject: RE: Stopping users emailing out internal docs Good job guys, Information Rights Management, that's it... http://office.microsoft.com/en-us/help/HA101029181033.aspx Dave From: Oliver Marshall [mailto:[EMAIL PROTECTED] Sent: Tuesday, October 21, 2008 12:19 PM To: NT System Admin Issues Subject: RE: Stopping users emailing out internal docs And thats still part of Office Server isn't it ? From: Kennedy, Jim [mailto:[EMAIL PROTECTED] Sent: 21 October 2008 20:15 To: NT System Admin Issues Subject: RE: Stopping users emailing out internal docs Microsoft's Rights Management can do much of what you seek. Although it isn't perfect and can be beat it should get you to be able to say you tried really hard to the lawyers. From: Oliver Marshall [mailto:[EMAIL PROTECTED] Sent: Tuesday, October 21, 2008 2:59 PM To: NT System Admin Issues Subject: RE: Stopping users emailing out internal docs Remember remember. From: David Lum [mailto:[EMAIL PROTECTED] Sent: 21 October 2008 19:43 To: NT System Admin Issues Subject: RE: Stopping users emailing out internal docs I seem to think InfoPath or Groove or some other MS tool can do this kind of job - you can select an e-mail and effectively make it unforwardable, it was pretty slick...now if I could only remember what product it was... David Lum // SYSTEMS ENGINEER NORTHWEST EVALUATION ASSOCIATION (Desk) 971.222.1025 // (Cell) 503.267.9764 From: Oliver Marshall [mailto:[EMAIL PROTECTED] Sent: Tuesday, October 21, 2008 11:00 AM To: NT System Admin Issues Subject: Stopping users emailing out internal docs Hi chaps, We've had a case this week of a client who found out a user, who is in the process of being let go, had emailed out to their personal gmail account a copy of all the internal documents, logos, process diagrams, etc. The user is now undergoing disciplinary action and facing possible legal action. However, while it's almost impossible to prevent a user from emailing a document out if they really want to, companies are obliged to have a policy in place requiring them not to doing so, and here in the UK that policy has to be seen to be implemented and enforced if it is to be referred to in any action. We've suggested a proper compliance level archival service in order to allow for emails to be restored even when users delete emails from their machines (and their recoverable deleted items in this case). Elsewhere we have used similar services to also report on certain file types, file names and sizes of files being sent, and use them to bounce emails under certain conditions. Bouncing certain emails, while a very limited short-stick, does allow for the policy to be seen to be in place if people are as silly as to send out documents with certain names etc (like Accounts2008.xls etc). What do other companies do to help either prevent people sending docs out, or to cover themselves legally should they have to take action against a user for doing so, or to highlight when a user
RE: Stopping users emailing out internal docs
if you have +3 Zs then you would be asleep... ...Zzz... :-) From: Ziots, Edward [mailto:[EMAIL PROTECTED] Sent: 23 October 2008 10:34 To: NT System Admin Issues Subject: RE: Stopping users emailing out internal docs +2 Z Edward E. Ziots Network Engineer Lifespan Organization MCSE,MCSA,MCP,Security+,Network+,CCA Phone: 401-639-3505 The information contained in this E-Mail and any subsequent correspondence is private and is intended solely for the intended recipient(s). The information in this communication may be confidential and/or legally privileged. Nothing in this e-mail is intended to conclude a contract on behalf of QinetiQ or make QinetiQ subject to any other legally binding commitments, unless the e-mail contains an express statement to the contrary or incorporates a formal Purchase Order. For those other than the recipient any disclosure, copying, distribution, or any action taken or omitted to be taken in reliance on such information is prohibited and may be unlawful. Emails and other electronic communication with QinetiQ may be monitored and recorded for business purposes including security, audit and archival purposes. Any response to this email indicates consent to this. Telephone calls to QinetiQ may be monitored or recorded for quality control, security and other business purposes. QinetiQ Limited Registered in England Wales: Company Number:3796233 Registered office: 85 Buckingham Gate, London SW1E 6PD, United Kingdom Trading address: Cody Technology Park, Cody Building, Ively Road, Farnborough, Hampshire, GU14 0LX, United Kingdom http://www.qinetiq.com/home/notices/legal.html ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
RE: Stopping users emailing out internal docs
I'm amazed the security guard even noticed the hard disk activity. Are you sure he wasn't responsible ? J From: Steve Moffat [mailto:[EMAIL PROTECTED] On Behalf Of NTSysAdmin Sent: 21 October 2008 21:43 To: NT System Admin Issues Subject: RE: Stopping users emailing out internal docs It also doesn't protect the cloning of hard drives, which, funnily enough, happened to one of my clients on Monday. Security guard saw some disk activity going on, hit the keyboard and voila, Ghost was in action.CFO's pc, the bugger had installed an extra hdd. S From: Sherry Abercrombie [mailto:[EMAIL PROTECTED] Sent: Tuesday, October 21, 2008 5:34 PM To: NT System Admin Issues Subject: Re: Stopping users emailing out internal docs Policies to prevent the unauthorized use of usb ports. There's good software that will do this, and will apply even on machines (laptops) that are off the network. On Tue, Oct 21, 2008 at 3:28 PM, NTSysAdmin [EMAIL PROTECTED] wrote: Would that stop them dragging dropping onto a usb stick? S From: David Lum [mailto:[EMAIL PROTECTED] Sent: Tuesday, October 21, 2008 5:11 PM To: NT System Admin Issues Subject: RE: Stopping users emailing out internal docs Good job guys, Information Rights Management, that's it... http://office.microsoft.com/en-us/help/HA101029181033.aspx Dave From: Oliver Marshall [mailto:[EMAIL PROTECTED] Sent: Tuesday, October 21, 2008 12:19 PM To: NT System Admin Issues Subject: RE: Stopping users emailing out internal docs And thats still part of Office Server isn't it ? From: Kennedy, Jim [mailto:[EMAIL PROTECTED] Sent: 21 October 2008 20:15 To: NT System Admin Issues Subject: RE: Stopping users emailing out internal docs Microsoft's Rights Management can do much of what you seek. Although it isn't perfect and can be beat it should get you to be able to say you tried really hard to the lawyers. From: Oliver Marshall [mailto:[EMAIL PROTECTED] Sent: Tuesday, October 21, 2008 2:59 PM To: NT System Admin Issues Subject: RE: Stopping users emailing out internal docs Remember remember. From: David Lum [mailto:[EMAIL PROTECTED] Sent: 21 October 2008 19:43 To: NT System Admin Issues Subject: RE: Stopping users emailing out internal docs I seem to think InfoPath or Groove or some other MS tool can do this kind of job - you can select an e-mail and effectively make it unforwardable, it was pretty slick...now if I could only remember what product it was... David Lum // SYSTEMS ENGINEER NORTHWEST EVALUATION ASSOCIATION (Desk) 971.222.1025 // (Cell) 503.267.9764 From: Oliver Marshall [mailto:[EMAIL PROTECTED] Sent: Tuesday, October 21, 2008 11:00 AM To: NT System Admin Issues Subject: Stopping users emailing out internal docs Hi chaps, We've had a case this week of a client who found out a user, who is in the process of being let go, had emailed out to their personal gmail account a copy of all the internal documents, logos, process diagrams, etc. The user is now undergoing disciplinary action and facing possible legal action. However, while it's almost impossible to prevent a user from emailing a document out if they really want to, companies are obliged to have a policy in place requiring them not to doing so, and here in the UK that policy has to be seen to be implemented and enforced if it is to be referred to in any action. We've suggested a proper compliance level archival service in order to allow for emails to be restored even when users delete emails from their machines (and their recoverable deleted items in this case). Elsewhere we have used similar services to also report on certain file types, file names and sizes of files being sent, and use them to bounce emails under certain conditions. Bouncing certain emails, while a very limited short-stick, does allow for the policy to be seen to be in place if people are as silly as to send out documents with certain names etc (like Accounts2008.xls etc). What do other companies do to help either prevent people sending docs out, or to cover themselves legally should they have to take action against a user for doing so, or to highlight when a user is doing so? Olly -- G2 Support Network Support : Online Backups : Server Management Email: [EMAIL PROTECTED] Web:http://www.g2support.com http://www.g2support.com/ -- Sherry Abercrombie Any sufficiently advanced technology is indistinguishable from magic. Arthur C. Clarke ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
RE: Stopping users emailing out internal docs
Thanks for all the info chaps. I think that with some changes to the email policies and a bit of reporting, as well as some time spent looking at WRM (they are currently running Office 2003 so won't be any use till they upgrade) then I think we will easily satisfy the requirements of local law. I feel a blog post coming on. Olly -Original Message- From: Ken Schaefer [mailto:[EMAIL PROTECTED] Sent: 22 October 2008 01:52 To: NT System Admin Issues Subject: RE: Stopping users emailing out internal docs Windows Rights Management can stop people printing things. Copying stuff to USB keys is pointless - the documents are encrypted. If you don't have access to the RM server, you can't decrypt the document. Same with forwarding the document somewhere else. You can stop Alt+Print Screen as well. You can't stop *analogue* attacks (which is why it's called Digital rights management). If someone brings in a camera and takes a photo of the screen, then there's not much you can do about that. But analogue attacks are much slower to execute than digital attacks. Cheers Ken -Original Message- From: Kennedy, Jim [mailto:[EMAIL PROTECTED] Sent: Wednesday, 22 October 2008 11:16 AM To: NT System Admin Issues Subject: RE: Stopping users emailing out internal docs It also won't stop printing it and faxing it or putting the paper in their pocket. Or alt print screen and emailing the jpg. Or a hundred other ways we could all dream up. The OP needs to make enough effort to satisfy the law in his country so that a good faith effort can be shown from what I read in his original post. If this gets him there only the lawyers can say. From: Sherry Abercrombie [EMAIL PROTECTED] Sent: Tuesday, October 21, 2008 4:33 PM To: NT System Admin Issues Subject: Re: Stopping users emailing out internal docs Policies to prevent the unauthorized use of usb ports. There's good software that will do this, and will apply even on machines (laptops) that are off the network. On Tue, Oct 21, 2008 at 3:28 PM, NTSysAdmin [EMAIL PROTECTED]mailto:[EMAIL PROTECTED] wrote: Would that stop them dragging dropping onto a usb stick? S From: David Lum [mailto:[EMAIL PROTECTED]mailto:[EMAIL PROTECTED]] Sent: Tuesday, October 21, 2008 5:11 PM To: NT System Admin Issues Subject: RE: Stopping users emailing out internal docs Good job guys, Information Rights Management, that's it... http://office.microsoft.com/en-us/help/HA101029181033.aspx Dave From: Oliver Marshall [mailto:[EMAIL PROTECTED]mailto:[EMAIL PROTECTED] om] Sent: Tuesday, October 21, 2008 12:19 PM To: NT System Admin Issues Subject: RE: Stopping users emailing out internal docs And thats still part of Office Server isn't it ? From: Kennedy, Jim [mailto:[EMAIL PROTECTED]mailto:[EMAIL PROTECTED] ] Sent: 21 October 2008 20:15 To: NT System Admin Issues Subject: RE: Stopping users emailing out internal docs Microsoft's Rights Management can do much of what you seek. Although it isn't perfect and can be beat it should get you to be able to say you tried really hard to the lawyers. From: Oliver Marshall [mailto:[EMAIL PROTECTED]mailto:[EMAIL PROTECTED] om] Sent: Tuesday, October 21, 2008 2:59 PM To: NT System Admin Issues Subject: RE: Stopping users emailing out internal docs Remember remember. From: David Lum [mailto:[EMAIL PROTECTED]mailto:[EMAIL PROTECTED]] Sent: 21 October 2008 19:43 To: NT System Admin Issues Subject: RE: Stopping users emailing out internal docs I seem to think InfoPath or Groove or some other MS tool can do this kind of job - you can select an e-mail and effectively make it unforwardable, it was pretty slick...now if I could only remember what product it was... David Lum // SYSTEMS ENGINEER NORTHWEST EVALUATION ASSOCIATION (Desk) 971.222.1025 // (Cell) 503.267.9764 From: Oliver Marshall [mailto:[EMAIL PROTECTED]mailto:[EMAIL PROTECTED] om] Sent: Tuesday, October 21, 2008 11:00 AM To: NT System Admin Issues Subject: Stopping users emailing out internal docs Hi chaps, We've had a case this week of a client who found out a user, who is in the process of being let go, had emailed out to their personal gmail account a copy of all the internal documents, logos, process diagrams, etc. The user is now undergoing disciplinary action and facing possible legal action. However, while it's almost impossible to prevent a user from emailing a document out if they really want to, companies are obliged to have a policy in place requiring them not to doing so, and here in the UK that policy has to be seen to be implemented and enforced if it is to be referred to in any action. We've suggested a proper compliance level archival service in order to allow for emails to be restored even when users delete emails from their machines (and their recoverable deleted items in this case). Elsewhere we have
RE: Stopping users emailing out internal docs
Office 2003 works with Windows Rights Management (as does IE6 with some add-on component you need to install). Cheers Ken -Original Message- From: Oliver Marshall [mailto:[EMAIL PROTECTED] Sent: Wednesday, 22 October 2008 7:03 PM To: NT System Admin Issues Subject: RE: Stopping users emailing out internal docs Thanks for all the info chaps. I think that with some changes to the email policies and a bit of reporting, as well as some time spent looking at WRM (they are currently running Office 2003 so won't be any use till they upgrade) then I think we will easily satisfy the requirements of local law. I feel a blog post coming on. Olly -Original Message- From: Ken Schaefer [mailto:[EMAIL PROTECTED] Sent: 22 October 2008 01:52 To: NT System Admin Issues Subject: RE: Stopping users emailing out internal docs Windows Rights Management can stop people printing things. Copying stuff to USB keys is pointless - the documents are encrypted. If you don't have access to the RM server, you can't decrypt the document. Same with forwarding the document somewhere else. You can stop Alt+Print Screen as well. You can't stop *analogue* attacks (which is why it's called Digital rights management). If someone brings in a camera and takes a photo of the screen, then there's not much you can do about that. But analogue attacks are much slower to execute than digital attacks. Cheers Ken -Original Message- From: Kennedy, Jim [mailto:[EMAIL PROTECTED] Sent: Wednesday, 22 October 2008 11:16 AM To: NT System Admin Issues Subject: RE: Stopping users emailing out internal docs It also won't stop printing it and faxing it or putting the paper in their pocket. Or alt print screen and emailing the jpg. Or a hundred other ways we could all dream up. The OP needs to make enough effort to satisfy the law in his country so that a good faith effort can be shown from what I read in his original post. If this gets him there only the lawyers can say. From: Sherry Abercrombie [EMAIL PROTECTED] Sent: Tuesday, October 21, 2008 4:33 PM To: NT System Admin Issues Subject: Re: Stopping users emailing out internal docs Policies to prevent the unauthorized use of usb ports. There's good software that will do this, and will apply even on machines (laptops) that are off the network. On Tue, Oct 21, 2008 at 3:28 PM, NTSysAdmin [EMAIL PROTECTED]mailto:[EMAIL PROTECTED] wrote: Would that stop them dragging dropping onto a usb stick? S From: David Lum [mailto:[EMAIL PROTECTED]mailto:[EMAIL PROTECTED]] Sent: Tuesday, October 21, 2008 5:11 PM To: NT System Admin Issues Subject: RE: Stopping users emailing out internal docs Good job guys, Information Rights Management, that's it... http://office.microsoft.com/en-us/help/HA101029181033.aspx Dave From: Oliver Marshall [mailto:[EMAIL PROTECTED]mailto:[EMAIL PROTECTED] om] Sent: Tuesday, October 21, 2008 12:19 PM To: NT System Admin Issues Subject: RE: Stopping users emailing out internal docs And thats still part of Office Server isn't it ? From: Kennedy, Jim [mailto:[EMAIL PROTECTED]mailto:[EMAIL PROTECTED] ] Sent: 21 October 2008 20:15 To: NT System Admin Issues Subject: RE: Stopping users emailing out internal docs Microsoft's Rights Management can do much of what you seek. Although it isn't perfect and can be beat it should get you to be able to say you tried really hard to the lawyers. From: Oliver Marshall [mailto:[EMAIL PROTECTED]mailto:[EMAIL PROTECTED] om] Sent: Tuesday, October 21, 2008 2:59 PM To: NT System Admin Issues Subject: RE: Stopping users emailing out internal docs Remember remember. From: David Lum [mailto:[EMAIL PROTECTED]mailto:[EMAIL PROTECTED]] Sent: 21 October 2008 19:43 To: NT System Admin Issues Subject: RE: Stopping users emailing out internal docs I seem to think InfoPath or Groove or some other MS tool can do this kind of job - you can select an e-mail and effectively make it unforwardable, it was pretty slick...now if I could only remember what product it was... David Lum // SYSTEMS ENGINEER NORTHWEST EVALUATION ASSOCIATION (Desk) 971.222.1025 // (Cell) 503.267.9764 From: Oliver Marshall [mailto:[EMAIL PROTECTED]mailto:[EMAIL PROTECTED] om] Sent: Tuesday, October 21, 2008 11:00 AM To: NT System Admin Issues Subject: Stopping users emailing out internal docs Hi chaps, We've had a case this week of a client who found out a user, who is in the process of being let go, had emailed out to their personal gmail account a copy of all the internal documents, logos, process diagrams, etc. The user is now undergoing disciplinary action and facing possible legal action. However, while it's almost impossible
RE: Stopping users emailing out internal docs
yep http://www.microsoft.com/windows/ie/ie6/downloads/addon/rm.mspx From: Ken Schaefer [EMAIL PROTECTED] Sent: Wednesday, 22 October 2008 7:35 PM To: NT System Admin Issues Subject: RE: Stopping users emailing out internal docs Office 2003 works with Windows Rights Management (as does IE6 with some add-on component you need to install). Cheers Ken -Original Message- From: Oliver Marshall [mailto:[EMAIL PROTECTED] Sent: Wednesday, 22 October 2008 7:03 PM To: NT System Admin Issues Subject: RE: Stopping users emailing out internal docs Thanks for all the info chaps. I think that with some changes to the email policies and a bit of reporting, as well as some time spent looking at WRM (they are currently running Office 2003 so won't be any use till they upgrade) then I think we will easily satisfy the requirements of local law. I feel a blog post coming on. Olly -Original Message- From: Ken Schaefer [mailto:[EMAIL PROTECTED] Sent: 22 October 2008 01:52 To: NT System Admin Issues Subject: RE: Stopping users emailing out internal docs Windows Rights Management can stop people printing things. Copying stuff to USB keys is pointless - the documents are encrypted. If you don't have access to the RM server, you can't decrypt the document. Same with forwarding the document somewhere else. You can stop Alt+Print Screen as well. You can't stop *analogue* attacks (which is why it's called Digital rights management). If someone brings in a camera and takes a photo of the screen, then there's not much you can do about that. But analogue attacks are much slower to execute than digital attacks. Cheers Ken -Original Message- From: Kennedy, Jim [mailto:[EMAIL PROTECTED] Sent: Wednesday, 22 October 2008 11:16 AM To: NT System Admin Issues Subject: RE: Stopping users emailing out internal docs It also won't stop printing it and faxing it or putting the paper in their pocket. Or alt print screen and emailing the jpg. Or a hundred other ways we could all dream up. The OP needs to make enough effort to satisfy the law in his country so that a good faith effort can be shown from what I read in his original post. If this gets him there only the lawyers can say. From: Sherry Abercrombie [EMAIL PROTECTED] Sent: Tuesday, October 21, 2008 4:33 PM To: NT System Admin Issues Subject: Re: Stopping users emailing out internal docs Policies to prevent the unauthorized use of usb ports. There's good software that will do this, and will apply even on machines (laptops) that are off the network. On Tue, Oct 21, 2008 at 3:28 PM, NTSysAdmin [EMAIL PROTECTED]mailto:[EMAIL PROTECTED] wrote: Would that stop them dragging dropping onto a usb stick? S From: David Lum [mailto:[EMAIL PROTECTED]mailto:[EMAIL PROTECTED]] Sent: Tuesday, October 21, 2008 5:11 PM To: NT System Admin Issues Subject: RE: Stopping users emailing out internal docs Good job guys, Information Rights Management, that's it... http://office.microsoft.com/en-us/help/HA101029181033.aspx Dave From: Oliver Marshall [mailto:[EMAIL PROTECTED]mailto:[EMAIL PROTECTED] om] Sent: Tuesday, October 21, 2008 12:19 PM To: NT System Admin Issues Subject: RE: Stopping users emailing out internal docs And thats still part of Office Server isn't it ? From: Kennedy, Jim [mailto:[EMAIL PROTECTED]mailto:[EMAIL PROTECTED] ] Sent: 21 October 2008 20:15 To: NT System Admin Issues Subject: RE: Stopping users emailing out internal docs Microsoft's Rights Management can do much of what you seek. Although it isn't perfect and can be beat it should get you to be able to say you tried really hard to the lawyers. From: Oliver Marshall [mailto:[EMAIL PROTECTED]mailto:[EMAIL PROTECTED] om] Sent: Tuesday, October 21, 2008 2:59 PM To: NT System Admin Issues Subject: RE: Stopping users emailing out internal docs Remember remember. From: David Lum [mailto:[EMAIL PROTECTED]mailto:[EMAIL PROTECTED]] Sent: 21 October 2008 19:43 To: NT System Admin Issues Subject: RE: Stopping users emailing out internal docs I seem to think InfoPath or Groove or some other MS tool can do this kind of job - you can select an e-mail and effectively make it unforwardable, it was pretty slick...now if I could only remember what product it was... David Lum // SYSTEMS ENGINEER NORTHWEST EVALUATION ASSOCIATION (Desk) 971.222.1025 // (Cell) 503.267.9764 From: Oliver Marshall [mailto:[EMAIL PROTECTED]mailto:[EMAIL PROTECTED] om] Sent: Tuesday, October 21, 2008 11:00 AM To: NT System Admin Issues Subject: Stopping users emailing out internal docs Hi chaps, We've had a case this week of a client who found out a user, who
RE: Stopping users emailing out internal docs
Hey now. Security is my other gig. Not all of us Security Officers are idiots. Christopher J. Bosak Vector Company c. 847.603.4673 [EMAIL PROTECTED] You need to install an RTFM Interface, due to an LBNC issue. - B.O.F.H. (Merged 2 into 1) - Me From: Oliver Marshall [mailto:[EMAIL PROTECTED] Sent: Wednesday, October 22, 2008 03:01 hrs To: NT System Admin Issues Subject: RE: Stopping users emailing out internal docs I'm amazed the security guard even noticed the hard disk activity. Are you sure he wasn't responsible ? J From: Steve Moffat [mailto:[EMAIL PROTECTED] On Behalf Of NTSysAdmin Sent: 21 October 2008 21:43 To: NT System Admin Issues Subject: RE: Stopping users emailing out internal docs It also doesn't protect the cloning of hard drives, which, funnily enough, happened to one of my clients on Monday. Security guard saw some disk activity going on, hit the keyboard and voila, Ghost was in action.CFO's pc, the bugger had installed an extra hdd. S From: Sherry Abercrombie [mailto:[EMAIL PROTECTED] Sent: Tuesday, October 21, 2008 5:34 PM To: NT System Admin Issues Subject: Re: Stopping users emailing out internal docs Policies to prevent the unauthorized use of usb ports. There's good software that will do this, and will apply even on machines (laptops) that are off the network. On Tue, Oct 21, 2008 at 3:28 PM, NTSysAdmin [EMAIL PROTECTED] wrote: Would that stop them dragging dropping onto a usb stick? S From: David Lum [mailto:[EMAIL PROTECTED] Sent: Tuesday, October 21, 2008 5:11 PM To: NT System Admin Issues Subject: RE: Stopping users emailing out internal docs Good job guys, Information Rights Management, that's it. http://office.microsoft.com/en-us/help/HA101029181033.aspx Dave From: Oliver Marshall [mailto:[EMAIL PROTECTED] Sent: Tuesday, October 21, 2008 12:19 PM To: NT System Admin Issues Subject: RE: Stopping users emailing out internal docs And thats still part of Office Server isn't it ? From: Kennedy, Jim [mailto:[EMAIL PROTECTED] Sent: 21 October 2008 20:15 To: NT System Admin Issues Subject: RE: Stopping users emailing out internal docs Microsoft's Rights Management can do much of what you seek. Although it isn't perfect and can be beat it should get you to be able to say you tried really hard to the lawyers. From: Oliver Marshall [mailto:[EMAIL PROTECTED] Sent: Tuesday, October 21, 2008 2:59 PM To: NT System Admin Issues Subject: RE: Stopping users emailing out internal docs Remember remember. From: David Lum [mailto:[EMAIL PROTECTED] Sent: 21 October 2008 19:43 To: NT System Admin Issues Subject: RE: Stopping users emailing out internal docs I seem to think InfoPath or Groove or some other MS tool can do this kind of job - you can select an e-mail and effectively make it unforwardable, it was pretty slick.now if I could only remember what product it was. David Lum // SYSTEMS ENGINEER NORTHWEST EVALUATION ASSOCIATION (Desk) 971.222.1025 // (Cell) 503.267.9764 From: Oliver Marshall [mailto:[EMAIL PROTECTED] Sent: Tuesday, October 21, 2008 11:00 AM To: NT System Admin Issues Subject: Stopping users emailing out internal docs Hi chaps, We've had a case this week of a client who found out a user, who is in the process of being let go, had emailed out to their personal gmail account a copy of all the internal documents, logos, process diagrams, etc. The user is now undergoing disciplinary action and facing possible legal action. However, while it's almost impossible to prevent a user from emailing a document out if they really want to, companies are obliged to have a policy in place requiring them not to doing so, and here in the UK that policy has to be seen to be implemented and enforced if it is to be referred to in any action. We've suggested a proper compliance level archival service in order to allow for emails to be restored even when users delete emails from their machines (and their recoverable deleted items in this case). Elsewhere we have used similar services to also report on certain file types, file names and sizes of files being sent, and use them to bounce emails under certain conditions. Bouncing certain emails, while a very limited short-stick, does allow for the policy to be seen to be in place if people are as silly as to send out documents with certain names etc (like Accounts2008.xls etc). What do other companies do to help either prevent people sending docs out, or to cover themselves legally should they have to take action against a user for doing so, or to highlight when a user is doing so? Olly -- G2 Support Network Support : Online Backups : Server Management Email: [EMAIL PROTECTED] Web:http://www.g2support.com http://www.g2support.com/ -- Sherry Abercrombie Any sufficiently advanced technology is indistinguishable from magic
RE: Stopping users emailing out internal docs
If you cannot get WRM working with Office, our Ninja gives you very granular controls about who can email all kinds of attachments inside and out. http://www.sunbeltsoftware.com/Business/Ninja-Email-Security/ Warm regards, Stu From: Oliver Marshall [mailto:[EMAIL PROTECTED] Sent: Tuesday, October 21, 2008 2:00 PM To: NT System Admin Issues Subject: Stopping users emailing out internal docs Hi chaps, We've had a case this week of a client who found out a user, who is in the process of being let go, had emailed out to their personal gmail account a copy of all the internal documents, logos, process diagrams, etc. The user is now undergoing disciplinary action and facing possible legal action. However, while it's almost impossible to prevent a user from emailing a document out if they really want to, companies are obliged to have a policy in place requiring them not to doing so, and here in the UK that policy has to be seen to be implemented and enforced if it is to be referred to in any action. We've suggested a proper compliance level archival service in order to allow for emails to be restored even when users delete emails from their machines (and their recoverable deleted items in this case). Elsewhere we have used similar services to also report on certain file types, file names and sizes of files being sent, and use them to bounce emails under certain conditions. Bouncing certain emails, while a very limited short-stick, does allow for the policy to be seen to be in place if people are as silly as to send out documents with certain names etc (like Accounts2008.xls etc). What do other companies do to help either prevent people sending docs out, or to cover themselves legally should they have to take action against a user for doing so, or to highlight when a user is doing so? Olly -- G2 Support Network Support : Online Backups : Server Management Email: [EMAIL PROTECTED] mailto:[EMAIL PROTECTED] Web:http://www.g2support.com http://www.g2support.com/ .. ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
RE: Stopping users emailing out internal docs
Ahh, but you're used to UK security guards...:) From: Oliver Marshall [mailto:[EMAIL PROTECTED] Sent: Wednesday, October 22, 2008 5:01 AM To: NT System Admin Issues Subject: RE: Stopping users emailing out internal docs I'm amazed the security guard even noticed the hard disk activity. Are you sure he wasn't responsible ? :) From: Steve Moffat [mailto:[EMAIL PROTECTED] On Behalf Of NTSysAdmin Sent: 21 October 2008 21:43 To: NT System Admin Issues Subject: RE: Stopping users emailing out internal docs It also doesn't protect the cloning of hard drives, which, funnily enough, happened to one of my clients on Monday. Security guard saw some disk activity going on, hit the keyboard and voila, Ghost was in action.CFO's pc, the bugger had installed an extra hdd. S From: Sherry Abercrombie [mailto:[EMAIL PROTECTED] Sent: Tuesday, October 21, 2008 5:34 PM To: NT System Admin Issues Subject: Re: Stopping users emailing out internal docs Policies to prevent the unauthorized use of usb ports. There's good software that will do this, and will apply even on machines (laptops) that are off the network. On Tue, Oct 21, 2008 at 3:28 PM, NTSysAdmin [EMAIL PROTECTED]mailto:[EMAIL PROTECTED] wrote: Would that stop them dragging dropping onto a usb stick? S From: David Lum [mailto:[EMAIL PROTECTED]mailto:[EMAIL PROTECTED]] Sent: Tuesday, October 21, 2008 5:11 PM To: NT System Admin Issues Subject: RE: Stopping users emailing out internal docs Good job guys, Information Rights Management, that's it... http://office.microsoft.com/en-us/help/HA101029181033.aspx Dave From: Oliver Marshall [mailto:[EMAIL PROTECTED]mailto:[EMAIL PROTECTED]] Sent: Tuesday, October 21, 2008 12:19 PM To: NT System Admin Issues Subject: RE: Stopping users emailing out internal docs And thats still part of Office Server isn't it ? From: Kennedy, Jim [mailto:[EMAIL PROTECTED]mailto:[EMAIL PROTECTED]] Sent: 21 October 2008 20:15 To: NT System Admin Issues Subject: RE: Stopping users emailing out internal docs Microsoft's Rights Management can do much of what you seek. Although it isn't perfect and can be beat it should get you to be able to say you tried really hard to the lawyers. From: Oliver Marshall [mailto:[EMAIL PROTECTED]mailto:[EMAIL PROTECTED]] Sent: Tuesday, October 21, 2008 2:59 PM To: NT System Admin Issues Subject: RE: Stopping users emailing out internal docs Remember remember. From: David Lum [mailto:[EMAIL PROTECTED]mailto:[EMAIL PROTECTED]] Sent: 21 October 2008 19:43 To: NT System Admin Issues Subject: RE: Stopping users emailing out internal docs I seem to think InfoPath or Groove or some other MS tool can do this kind of job - you can select an e-mail and effectively make it unforwardable, it was pretty slick...now if I could only remember what product it was... David Lum // SYSTEMS ENGINEER NORTHWEST EVALUATION ASSOCIATION (Desk) 971.222.1025 // (Cell) 503.267.9764 From: Oliver Marshall [mailto:[EMAIL PROTECTED]mailto:[EMAIL PROTECTED]] Sent: Tuesday, October 21, 2008 11:00 AM To: NT System Admin Issues Subject: Stopping users emailing out internal docs Hi chaps, We've had a case this week of a client who found out a user, who is in the process of being let go, had emailed out to their personal gmail account a copy of all the internal documents, logos, process diagrams, etc. The user is now undergoing disciplinary action and facing possible legal action. However, while it's almost impossible to prevent a user from emailing a document out if they really want to, companies are obliged to have a policy in place requiring them not to doing so, and here in the UK that policy has to be seen to be implemented and enforced if it is to be referred to in any action. We've suggested a proper compliance level archival service in order to allow for emails to be restored even when users delete emails from their machines (and their recoverable deleted items in this case). Elsewhere we have used similar services to also report on certain file types, file names and sizes of files being sent, and use them to bounce emails under certain conditions. Bouncing certain emails, while a very limited short-stick, does allow for the policy to be seen to be in place if people are as silly as to send out documents with certain names etc (like Accounts2008.xls etc). What do other companies do to help either prevent people sending docs out, or to cover themselves legally should they have to take action against a user for doing so, or to highlight when a user is doing so? Olly -- G2 Support Network Support : Online Backups : Server Management Email: [EMAIL PROTECTED]mailto:[EMAIL PROTECTED] Web:http://www.g2support.comhttp://www.g2support.com/ -- Sherry Abercrombie Any sufficiently advanced technology is indistinguishable from magic. Arthur C. Clarke ~ Finally, powerful endpoint
RE: Stopping users emailing out internal docs
security guards at one site (UK based) where I work have a nice warm building and a big TV on the wall to watch they should be outside patrolling the fences in the freezing cold with hungry/angry looking dogs :-) From: Steve Moffat [mailto:[EMAIL PROTECTED] On Behalf Of NTSysAdmin Sent: 22 October 2008 13:43 To: NT System Admin Issues Subject: RE: Stopping users emailing out internal docs Ahh, but you're used to UK security guards...:) From: Oliver Marshall [mailto:[EMAIL PROTECTED] Sent: Wednesday, October 22, 2008 5:01 AM To: NT System Admin Issues Subject: RE: Stopping users emailing out internal docs I'm amazed the security guard even noticed the hard disk activity. Are you sure he wasn't responsible ? J From: Steve Moffat [mailto:[EMAIL PROTECTED] On Behalf Of NTSysAdmin Sent: 21 October 2008 21:43 To: NT System Admin Issues Subject: RE: Stopping users emailing out internal docs It also doesn't protect the cloning of hard drives, which, funnily enough, happened to one of my clients on Monday. Security guard saw some disk activity going on, hit the keyboard and voila, Ghost was in action.CFO's pc, the bugger had installed an extra hdd. S From: Sherry Abercrombie [mailto:[EMAIL PROTECTED] Sent: Tuesday, October 21, 2008 5:34 PM To: NT System Admin Issues Subject: Re: Stopping users emailing out internal docs Policies to prevent the unauthorized use of usb ports. There's good software that will do this, and will apply even on machines (laptops) that are off the network. On Tue, Oct 21, 2008 at 3:28 PM, NTSysAdmin [EMAIL PROTECTED] wrote: Would that stop them dragging dropping onto a usb stick? S From: David Lum [mailto:[EMAIL PROTECTED] Sent: Tuesday, October 21, 2008 5:11 PM To: NT System Admin Issues Subject: RE: Stopping users emailing out internal docs Good job guys, Information Rights Management, that's it... http://office.microsoft.com/en-us/help/HA101029181033.aspx Dave From: Oliver Marshall [mailto:[EMAIL PROTECTED] Sent: Tuesday, October 21, 2008 12:19 PM To: NT System Admin Issues Subject: RE: Stopping users emailing out internal docs And thats still part of Office Server isn't it ? From: Kennedy, Jim [mailto:[EMAIL PROTECTED] Sent: 21 October 2008 20:15 To: NT System Admin Issues Subject: RE: Stopping users emailing out internal docs Microsoft's Rights Management can do much of what you seek. Although it isn't perfect and can be beat it should get you to be able to say you tried really hard to the lawyers. From: Oliver Marshall [mailto:[EMAIL PROTECTED] Sent: Tuesday, October 21, 2008 2:59 PM To: NT System Admin Issues Subject: RE: Stopping users emailing out internal docs Remember remember. From: David Lum [mailto:[EMAIL PROTECTED] Sent: 21 October 2008 19:43 To: NT System Admin Issues Subject: RE: Stopping users emailing out internal docs I seem to think InfoPath or Groove or some other MS tool can do this kind of job - you can select an e-mail and effectively make it unforwardable, it was pretty slick...now if I could only remember what product it was... David Lum // SYSTEMS ENGINEER NORTHWEST EVALUATION ASSOCIATION (Desk) 971.222.1025 // (Cell) 503.267.9764 From: Oliver Marshall [mailto:[EMAIL PROTECTED] Sent: Tuesday, October 21, 2008 11:00 AM To: NT System Admin Issues Subject: Stopping users emailing out internal docs Hi chaps, We've had a case this week of a client who found out a user, who is in the process of being let go, had emailed out to their personal gmail account a copy of all the internal documents, logos, process diagrams, etc. The user is now undergoing disciplinary action and facing possible legal action. However, while it's almost impossible to prevent a user from emailing a document out if they really want to, companies are obliged to have a policy in place requiring them not to doing so, and here in the UK that policy has to be seen to be implemented and enforced if it is to be referred to in any action. We've suggested a proper compliance level archival service in order to allow for emails to be restored even when users delete emails from their machines (and their recoverable deleted items in this case). Elsewhere we have used similar services to also report on certain file types, file names and sizes of files being sent, and use them to bounce emails under certain conditions. Bouncing certain emails, while a very limited short-stick, does allow for the policy to be seen to be in place if people are as silly as to send out documents with certain names etc (like Accounts2008.xls etc). What do other companies do to help either prevent people sending docs out, or to cover themselves legally should they have to take action against a user for doing so, or to highlight when a user is doing so? Olly -- G2 Support Network Support : Online Backups : Server Management Email: [EMAIL PROTECTED
RE: Stopping users emailing out internal docs
The 5th of November? *** John C. Kelsey DuBois Regional Medical Center (: 814.375.3073 *: [EMAIL PROTECTED] mailto:[EMAIL PROTECTED] *** From: Oliver Marshall [mailto:[EMAIL PROTECTED] Sent: Tuesday, October 21, 2008 11:59 AM To: NT System Admin Issues Subject: RE: Stopping users emailing out internal docs Remember remember. ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
Re: Stopping users emailing out internal docs
At a former employer, they had attachments delayed with suspicious titles for a number of hours (especially anything dealing with their pending merger)This allowed the admins to review the quarantined email before it was sent. This was done on the Anti-spam solution.. On Tue, Oct 21, 2008 at 11:00 AM, Oliver Marshall [EMAIL PROTECTED] wrote: Hi chaps, We've had a case this week of a client who found out a user, who is in the process of being let go, had emailed out to their personal gmail account a copy of all the internal documents, logos, process diagrams, etc. The user is now undergoing disciplinary action and facing possible legal action. However, while it's almost impossible to prevent a user from emailing a document out if they really want to, companies are obliged to have a policy in place requiring them not to doing so, and here in the UK that policy has to be seen to be implemented and enforced if it is to be referred to in any action. We've suggested a proper compliance level archival service in order to allow for emails to be restored even when users delete emails from their machines (and their recoverable deleted items in this case). Elsewhere we have used similar services to also report on certain file types, file names and sizes of files being sent, and use them to bounce emails under certain conditions. Bouncing certain emails, while a very limited short-stick, does allow for the policy to be seen to be in place if people are as silly as to send out documents with certain names etc (like Accounts2008.xls etc). What do other companies do to help either prevent people sending docs out, or to cover themselves legally should they have to take action against a user for doing so, or to highlight when a user is doing so? Olly -- G2 Support Network Support : Online Backups : Server Management Email: [EMAIL PROTECTED] Web:http://www.g2support.com ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
RE: Stopping users emailing out internal docs
I seem to think InfoPath or Groove or some other MS tool can do this kind of job - you can select an e-mail and effectively make it unforwardable, it was pretty slick...now if I could only remember what product it was... David Lum // SYSTEMS ENGINEER NORTHWEST EVALUATION ASSOCIATION (Desk) 971.222.1025 // (Cell) 503.267.9764 From: Oliver Marshall [mailto:[EMAIL PROTECTED] Sent: Tuesday, October 21, 2008 11:00 AM To: NT System Admin Issues Subject: Stopping users emailing out internal docs Hi chaps, We've had a case this week of a client who found out a user, who is in the process of being let go, had emailed out to their personal gmail account a copy of all the internal documents, logos, process diagrams, etc. The user is now undergoing disciplinary action and facing possible legal action. However, while it's almost impossible to prevent a user from emailing a document out if they really want to, companies are obliged to have a policy in place requiring them not to doing so, and here in the UK that policy has to be seen to be implemented and enforced if it is to be referred to in any action. We've suggested a proper compliance level archival service in order to allow for emails to be restored even when users delete emails from their machines (and their recoverable deleted items in this case). Elsewhere we have used similar services to also report on certain file types, file names and sizes of files being sent, and use them to bounce emails under certain conditions. Bouncing certain emails, while a very limited short-stick, does allow for the policy to be seen to be in place if people are as silly as to send out documents with certain names etc (like Accounts2008.xls etc). What do other companies do to help either prevent people sending docs out, or to cover themselves legally should they have to take action against a user for doing so, or to highlight when a user is doing so? Olly -- G2 Support Network Support : Online Backups : Server Management Email: [EMAIL PROTECTED]mailto:[EMAIL PROTECTED] Web:http://www.g2support.comhttp://www.g2support.com/ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
RE: Stopping users emailing out internal docs
Remember remember. From: David Lum [mailto:[EMAIL PROTECTED] Sent: 21 October 2008 19:43 To: NT System Admin Issues Subject: RE: Stopping users emailing out internal docs I seem to think InfoPath or Groove or some other MS tool can do this kind of job - you can select an e-mail and effectively make it unforwardable, it was pretty slick...now if I could only remember what product it was... David Lum // SYSTEMS ENGINEER NORTHWEST EVALUATION ASSOCIATION (Desk) 971.222.1025 // (Cell) 503.267.9764 From: Oliver Marshall [mailto:[EMAIL PROTECTED] Sent: Tuesday, October 21, 2008 11:00 AM To: NT System Admin Issues Subject: Stopping users emailing out internal docs Hi chaps, We've had a case this week of a client who found out a user, who is in the process of being let go, had emailed out to their personal gmail account a copy of all the internal documents, logos, process diagrams, etc. The user is now undergoing disciplinary action and facing possible legal action. However, while it's almost impossible to prevent a user from emailing a document out if they really want to, companies are obliged to have a policy in place requiring them not to doing so, and here in the UK that policy has to be seen to be implemented and enforced if it is to be referred to in any action. We've suggested a proper compliance level archival service in order to allow for emails to be restored even when users delete emails from their machines (and their recoverable deleted items in this case). Elsewhere we have used similar services to also report on certain file types, file names and sizes of files being sent, and use them to bounce emails under certain conditions. Bouncing certain emails, while a very limited short-stick, does allow for the policy to be seen to be in place if people are as silly as to send out documents with certain names etc (like Accounts2008.xls etc). What do other companies do to help either prevent people sending docs out, or to cover themselves legally should they have to take action against a user for doing so, or to highlight when a user is doing so? Olly -- G2 Support Network Support : Online Backups : Server Management Email: [EMAIL PROTECTED] Web:http://www.g2support.com http://www.g2support.com/ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
RE: Stopping users emailing out internal docs
Microsoft's Rights Management can do much of what you seek. Although it isn't perfect and can be beat it should get you to be able to say you tried really hard to the lawyers. From: Oliver Marshall [mailto:[EMAIL PROTECTED] Sent: Tuesday, October 21, 2008 2:59 PM To: NT System Admin Issues Subject: RE: Stopping users emailing out internal docs Remember remember. From: David Lum [mailto:[EMAIL PROTECTED] Sent: 21 October 2008 19:43 To: NT System Admin Issues Subject: RE: Stopping users emailing out internal docs I seem to think InfoPath or Groove or some other MS tool can do this kind of job - you can select an e-mail and effectively make it unforwardable, it was pretty slick...now if I could only remember what product it was... David Lum // SYSTEMS ENGINEER NORTHWEST EVALUATION ASSOCIATION (Desk) 971.222.1025 // (Cell) 503.267.9764 From: Oliver Marshall [mailto:[EMAIL PROTECTED] Sent: Tuesday, October 21, 2008 11:00 AM To: NT System Admin Issues Subject: Stopping users emailing out internal docs Hi chaps, We've had a case this week of a client who found out a user, who is in the process of being let go, had emailed out to their personal gmail account a copy of all the internal documents, logos, process diagrams, etc. The user is now undergoing disciplinary action and facing possible legal action. However, while it's almost impossible to prevent a user from emailing a document out if they really want to, companies are obliged to have a policy in place requiring them not to doing so, and here in the UK that policy has to be seen to be implemented and enforced if it is to be referred to in any action. We've suggested a proper compliance level archival service in order to allow for emails to be restored even when users delete emails from their machines (and their recoverable deleted items in this case). Elsewhere we have used similar services to also report on certain file types, file names and sizes of files being sent, and use them to bounce emails under certain conditions. Bouncing certain emails, while a very limited short-stick, does allow for the policy to be seen to be in place if people are as silly as to send out documents with certain names etc (like Accounts2008.xls etc). What do other companies do to help either prevent people sending docs out, or to cover themselves legally should they have to take action against a user for doing so, or to highlight when a user is doing so? Olly -- G2 Support Network Support : Online Backups : Server Management Email: [EMAIL PROTECTED]mailto:[EMAIL PROTECTED] Web:http://www.g2support.comhttp://www.g2support.com/ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
RE: Stopping users emailing out internal docs
Windows Rights Management I believe is what you are looking for. From: Oliver Marshall [mailto:[EMAIL PROTECTED] Sent: Tuesday, October 21, 2008 11:59 AM To: NT System Admin Issues Subject: RE: Stopping users emailing out internal docs Remember remember. From: David Lum [mailto:[EMAIL PROTECTED] Sent: 21 October 2008 19:43 To: NT System Admin Issues Subject: RE: Stopping users emailing out internal docs I seem to think InfoPath or Groove or some other MS tool can do this kind of job - you can select an e-mail and effectively make it unforwardable, it was pretty slick.now if I could only remember what product it was. David Lum // SYSTEMS ENGINEER NORTHWEST EVALUATION ASSOCIATION (Desk) 971.222.1025 // (Cell) 503.267.9764 From: Oliver Marshall [mailto:[EMAIL PROTECTED] Sent: Tuesday, October 21, 2008 11:00 AM To: NT System Admin Issues Subject: Stopping users emailing out internal docs Hi chaps, We've had a case this week of a client who found out a user, who is in the process of being let go, had emailed out to their personal gmail account a copy of all the internal documents, logos, process diagrams, etc. The user is now undergoing disciplinary action and facing possible legal action. However, while it's almost impossible to prevent a user from emailing a document out if they really want to, companies are obliged to have a policy in place requiring them not to doing so, and here in the UK that policy has to be seen to be implemented and enforced if it is to be referred to in any action. We've suggested a proper compliance level archival service in order to allow for emails to be restored even when users delete emails from their machines (and their recoverable deleted items in this case). Elsewhere we have used similar services to also report on certain file types, file names and sizes of files being sent, and use them to bounce emails under certain conditions. Bouncing certain emails, while a very limited short-stick, does allow for the policy to be seen to be in place if people are as silly as to send out documents with certain names etc (like Accounts2008.xls etc). What do other companies do to help either prevent people sending docs out, or to cover themselves legally should they have to take action against a user for doing so, or to highlight when a user is doing so? Olly -- G2 Support Network Support : Online Backups : Server Management Email: [EMAIL PROTECTED] Web:http://www.g2support.com http://www.g2support.com/ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
RE: Stopping users emailing out internal docs
And thats still part of Office Server isn't it ? From: Kennedy, Jim [mailto:[EMAIL PROTECTED] Sent: 21 October 2008 20:15 To: NT System Admin Issues Subject: RE: Stopping users emailing out internal docs Microsoft's Rights Management can do much of what you seek. Although it isn't perfect and can be beat it should get you to be able to say you tried really hard to the lawyers. From: Oliver Marshall [mailto:[EMAIL PROTECTED] Sent: Tuesday, October 21, 2008 2:59 PM To: NT System Admin Issues Subject: RE: Stopping users emailing out internal docs Remember remember. From: David Lum [mailto:[EMAIL PROTECTED] Sent: 21 October 2008 19:43 To: NT System Admin Issues Subject: RE: Stopping users emailing out internal docs I seem to think InfoPath or Groove or some other MS tool can do this kind of job - you can select an e-mail and effectively make it unforwardable, it was pretty slick...now if I could only remember what product it was... David Lum // SYSTEMS ENGINEER NORTHWEST EVALUATION ASSOCIATION (Desk) 971.222.1025 // (Cell) 503.267.9764 From: Oliver Marshall [mailto:[EMAIL PROTECTED] Sent: Tuesday, October 21, 2008 11:00 AM To: NT System Admin Issues Subject: Stopping users emailing out internal docs Hi chaps, We've had a case this week of a client who found out a user, who is in the process of being let go, had emailed out to their personal gmail account a copy of all the internal documents, logos, process diagrams, etc. The user is now undergoing disciplinary action and facing possible legal action. However, while it's almost impossible to prevent a user from emailing a document out if they really want to, companies are obliged to have a policy in place requiring them not to doing so, and here in the UK that policy has to be seen to be implemented and enforced if it is to be referred to in any action. We've suggested a proper compliance level archival service in order to allow for emails to be restored even when users delete emails from their machines (and their recoverable deleted items in this case). Elsewhere we have used similar services to also report on certain file types, file names and sizes of files being sent, and use them to bounce emails under certain conditions. Bouncing certain emails, while a very limited short-stick, does allow for the policy to be seen to be in place if people are as silly as to send out documents with certain names etc (like Accounts2008.xls etc). What do other companies do to help either prevent people sending docs out, or to cover themselves legally should they have to take action against a user for doing so, or to highlight when a user is doing so? Olly -- G2 Support Network Support : Online Backups : Server Management Email: [EMAIL PROTECTED] Web:http://www.g2support.com http://www.g2support.com/ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
RE: Stopping users emailing out internal docs
Good job guys, Information Rights Management, that's it... http://office.microsoft.com/en-us/help/HA101029181033.aspx Dave From: Oliver Marshall [mailto:[EMAIL PROTECTED] Sent: Tuesday, October 21, 2008 12:19 PM To: NT System Admin Issues Subject: RE: Stopping users emailing out internal docs And thats still part of Office Server isn't it ? From: Kennedy, Jim [mailto:[EMAIL PROTECTED] Sent: 21 October 2008 20:15 To: NT System Admin Issues Subject: RE: Stopping users emailing out internal docs Microsoft's Rights Management can do much of what you seek. Although it isn't perfect and can be beat it should get you to be able to say you tried really hard to the lawyers. From: Oliver Marshall [mailto:[EMAIL PROTECTED] Sent: Tuesday, October 21, 2008 2:59 PM To: NT System Admin Issues Subject: RE: Stopping users emailing out internal docs Remember remember. From: David Lum [mailto:[EMAIL PROTECTED] Sent: 21 October 2008 19:43 To: NT System Admin Issues Subject: RE: Stopping users emailing out internal docs I seem to think InfoPath or Groove or some other MS tool can do this kind of job - you can select an e-mail and effectively make it unforwardable, it was pretty slick...now if I could only remember what product it was... David Lum // SYSTEMS ENGINEER NORTHWEST EVALUATION ASSOCIATION (Desk) 971.222.1025 // (Cell) 503.267.9764 From: Oliver Marshall [mailto:[EMAIL PROTECTED] Sent: Tuesday, October 21, 2008 11:00 AM To: NT System Admin Issues Subject: Stopping users emailing out internal docs Hi chaps, We've had a case this week of a client who found out a user, who is in the process of being let go, had emailed out to their personal gmail account a copy of all the internal documents, logos, process diagrams, etc. The user is now undergoing disciplinary action and facing possible legal action. However, while it's almost impossible to prevent a user from emailing a document out if they really want to, companies are obliged to have a policy in place requiring them not to doing so, and here in the UK that policy has to be seen to be implemented and enforced if it is to be referred to in any action. We've suggested a proper compliance level archival service in order to allow for emails to be restored even when users delete emails from their machines (and their recoverable deleted items in this case). Elsewhere we have used similar services to also report on certain file types, file names and sizes of files being sent, and use them to bounce emails under certain conditions. Bouncing certain emails, while a very limited short-stick, does allow for the policy to be seen to be in place if people are as silly as to send out documents with certain names etc (like Accounts2008.xls etc). What do other companies do to help either prevent people sending docs out, or to cover themselves legally should they have to take action against a user for doing so, or to highlight when a user is doing so? Olly -- G2 Support Network Support : Online Backups : Server Management Email: [EMAIL PROTECTED]mailto:[EMAIL PROTECTED] Web:http://www.g2support.comhttp://www.g2support.com/ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
RE: Stopping users emailing out internal docs
Would that stop them dragging dropping onto a usb stick? S From: David Lum [mailto:[EMAIL PROTECTED] Sent: Tuesday, October 21, 2008 5:11 PM To: NT System Admin Issues Subject: RE: Stopping users emailing out internal docs Good job guys, Information Rights Management, that's it... http://office.microsoft.com/en-us/help/HA101029181033.aspx Dave From: Oliver Marshall [mailto:[EMAIL PROTECTED] Sent: Tuesday, October 21, 2008 12:19 PM To: NT System Admin Issues Subject: RE: Stopping users emailing out internal docs And thats still part of Office Server isn't it ? From: Kennedy, Jim [mailto:[EMAIL PROTECTED] Sent: 21 October 2008 20:15 To: NT System Admin Issues Subject: RE: Stopping users emailing out internal docs Microsoft's Rights Management can do much of what you seek. Although it isn't perfect and can be beat it should get you to be able to say you tried really hard to the lawyers. From: Oliver Marshall [mailto:[EMAIL PROTECTED] Sent: Tuesday, October 21, 2008 2:59 PM To: NT System Admin Issues Subject: RE: Stopping users emailing out internal docs Remember remember. From: David Lum [mailto:[EMAIL PROTECTED] Sent: 21 October 2008 19:43 To: NT System Admin Issues Subject: RE: Stopping users emailing out internal docs I seem to think InfoPath or Groove or some other MS tool can do this kind of job - you can select an e-mail and effectively make it unforwardable, it was pretty slick...now if I could only remember what product it was... David Lum // SYSTEMS ENGINEER NORTHWEST EVALUATION ASSOCIATION (Desk) 971.222.1025 // (Cell) 503.267.9764 From: Oliver Marshall [mailto:[EMAIL PROTECTED] Sent: Tuesday, October 21, 2008 11:00 AM To: NT System Admin Issues Subject: Stopping users emailing out internal docs Hi chaps, We've had a case this week of a client who found out a user, who is in the process of being let go, had emailed out to their personal gmail account a copy of all the internal documents, logos, process diagrams, etc. The user is now undergoing disciplinary action and facing possible legal action. However, while it's almost impossible to prevent a user from emailing a document out if they really want to, companies are obliged to have a policy in place requiring them not to doing so, and here in the UK that policy has to be seen to be implemented and enforced if it is to be referred to in any action. We've suggested a proper compliance level archival service in order to allow for emails to be restored even when users delete emails from their machines (and their recoverable deleted items in this case). Elsewhere we have used similar services to also report on certain file types, file names and sizes of files being sent, and use them to bounce emails under certain conditions. Bouncing certain emails, while a very limited short-stick, does allow for the policy to be seen to be in place if people are as silly as to send out documents with certain names etc (like Accounts2008.xls etc). What do other companies do to help either prevent people sending docs out, or to cover themselves legally should they have to take action against a user for doing so, or to highlight when a user is doing so? Olly -- G2 Support Network Support : Online Backups : Server Management Email: [EMAIL PROTECTED]mailto:[EMAIL PROTECTED] Web:http://www.g2support.comhttp://www.g2support.com/ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
RE: Stopping users emailing out internal docs
Only with Office 2007 though. S From: David Lum [mailto:[EMAIL PROTECTED] Sent: Tuesday, October 21, 2008 5:11 PM To: NT System Admin Issues Subject: RE: Stopping users emailing out internal docs Good job guys, Information Rights Management, that's it... http://office.microsoft.com/en-us/help/HA101029181033.aspx Dave From: Oliver Marshall [mailto:[EMAIL PROTECTED] Sent: Tuesday, October 21, 2008 12:19 PM To: NT System Admin Issues Subject: RE: Stopping users emailing out internal docs And thats still part of Office Server isn't it ? From: Kennedy, Jim [mailto:[EMAIL PROTECTED] Sent: 21 October 2008 20:15 To: NT System Admin Issues Subject: RE: Stopping users emailing out internal docs Microsoft's Rights Management can do much of what you seek. Although it isn't perfect and can be beat it should get you to be able to say you tried really hard to the lawyers. From: Oliver Marshall [mailto:[EMAIL PROTECTED] Sent: Tuesday, October 21, 2008 2:59 PM To: NT System Admin Issues Subject: RE: Stopping users emailing out internal docs Remember remember. From: David Lum [mailto:[EMAIL PROTECTED] Sent: 21 October 2008 19:43 To: NT System Admin Issues Subject: RE: Stopping users emailing out internal docs I seem to think InfoPath or Groove or some other MS tool can do this kind of job - you can select an e-mail and effectively make it unforwardable, it was pretty slick...now if I could only remember what product it was... David Lum // SYSTEMS ENGINEER NORTHWEST EVALUATION ASSOCIATION (Desk) 971.222.1025 // (Cell) 503.267.9764 From: Oliver Marshall [mailto:[EMAIL PROTECTED] Sent: Tuesday, October 21, 2008 11:00 AM To: NT System Admin Issues Subject: Stopping users emailing out internal docs Hi chaps, We've had a case this week of a client who found out a user, who is in the process of being let go, had emailed out to their personal gmail account a copy of all the internal documents, logos, process diagrams, etc. The user is now undergoing disciplinary action and facing possible legal action. However, while it's almost impossible to prevent a user from emailing a document out if they really want to, companies are obliged to have a policy in place requiring them not to doing so, and here in the UK that policy has to be seen to be implemented and enforced if it is to be referred to in any action. We've suggested a proper compliance level archival service in order to allow for emails to be restored even when users delete emails from their machines (and their recoverable deleted items in this case). Elsewhere we have used similar services to also report on certain file types, file names and sizes of files being sent, and use them to bounce emails under certain conditions. Bouncing certain emails, while a very limited short-stick, does allow for the policy to be seen to be in place if people are as silly as to send out documents with certain names etc (like Accounts2008.xls etc). What do other companies do to help either prevent people sending docs out, or to cover themselves legally should they have to take action against a user for doing so, or to highlight when a user is doing so? Olly -- G2 Support Network Support : Online Backups : Server Management Email: [EMAIL PROTECTED]mailto:[EMAIL PROTECTED] Web:http://www.g2support.comhttp://www.g2support.com/ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
Re: Stopping users emailing out internal docs
Absolutely not. On Tue, Oct 21, 2008 at 4:28 PM, NTSysAdmin [EMAIL PROTECTED] wrote: Would that stop them dragging dropping onto a usb stick? S From: David Lum [mailto:[EMAIL PROTECTED] Sent: Tuesday, October 21, 2008 5:11 PM To: NT System Admin Issues Subject: RE: Stopping users emailing out internal docs Good job guys, Information Rights Management, that's it… http://office.microsoft.com/en-us/help/HA101029181033.aspx Dave From: Oliver Marshall [mailto:[EMAIL PROTECTED] Sent: Tuesday, October 21, 2008 12:19 PM To: NT System Admin Issues Subject: RE: Stopping users emailing out internal docs And thats still part of Office Server isn't it ? From: Kennedy, Jim [mailto:[EMAIL PROTECTED] Sent: 21 October 2008 20:15 To: NT System Admin Issues Subject: RE: Stopping users emailing out internal docs Microsoft's Rights Management can do much of what you seek. Although it isn't perfect and can be beat it should get you to be able to say you tried really hard to the lawyers. From: Oliver Marshall [mailto:[EMAIL PROTECTED] Sent: Tuesday, October 21, 2008 2:59 PM To: NT System Admin Issues Subject: RE: Stopping users emailing out internal docs Remember remember. From: David Lum [mailto:[EMAIL PROTECTED] Sent: 21 October 2008 19:43 To: NT System Admin Issues Subject: RE: Stopping users emailing out internal docs I seem to think InfoPath or Groove or some other MS tool can do this kind of job – you can select an e-mail and effectively make it unforwardable, it was pretty slick…now if I could only remember what product it was… David Lum // SYSTEMS ENGINEER NORTHWEST EVALUATION ASSOCIATION (Desk) 971.222.1025 // (Cell) 503.267.9764 From: Oliver Marshall [mailto:[EMAIL PROTECTED] Sent: Tuesday, October 21, 2008 11:00 AM To: NT System Admin Issues Subject: Stopping users emailing out internal docs Hi chaps, We've had a case this week of a client who found out a user, who is in the process of being let go, had emailed out to their personal gmail account a copy of all the internal documents, logos, process diagrams, etc. The user is now undergoing disciplinary action and facing possible legal action. However, while it's almost impossible to prevent a user from emailing a document out if they really want to, companies are obliged to have a policy in place requiring them not to doing so, and here in the UK that policy has to be seen to be implemented and enforced if it is to be referred to in any action. We've suggested a proper compliance level archival service in order to allow for emails to be restored even when users delete emails from their machines (and their recoverable deleted items in this case). Elsewhere we have used similar services to also report on certain file types, file names and sizes of files being sent, and use them to bounce emails under certain conditions. Bouncing certain emails, while a very limited short-stick, does allow for the policy to be seen to be in place if people are as silly as to send out documents with certain names etc (like Accounts2008.xls etc). What do other companies do to help either prevent people sending docs out, or to cover themselves legally should they have to take action against a user for doing so, or to highlight when a user is doing so? Olly -- G2 Support Network Support : Online Backups : Server Management Email: [EMAIL PROTECTED] Web:http://www.g2support.com -- ME2 ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
Re: Stopping users emailing out internal docs
Policies to prevent the unauthorized use of usb ports. There's good software that will do this, and will apply even on machines (laptops) that are off the network. On Tue, Oct 21, 2008 at 3:28 PM, NTSysAdmin [EMAIL PROTECTED] wrote: Would that stop them dragging dropping onto a usb stick? S *From:* David Lum [mailto:[EMAIL PROTECTED] *Sent:* Tuesday, October 21, 2008 5:11 PM *To:* NT System Admin Issues *Subject:* RE: Stopping users emailing out internal docs Good job guys, Information Rights Management, that's it… http://office.microsoft.com/en-us/help/HA101029181033.aspx Dave *From:* Oliver Marshall [mailto:[EMAIL PROTECTED] *Sent:* Tuesday, October 21, 2008 12:19 PM *To:* NT System Admin Issues *Subject:* RE: Stopping users emailing out internal docs And thats still part of Office Server isn't it ? *From:* Kennedy, Jim [mailto:[EMAIL PROTECTED] *Sent:* 21 October 2008 20:15 *To:* NT System Admin Issues *Subject:* RE: Stopping users emailing out internal docs Microsoft's Rights Management can do much of what you seek. Although it isn't perfect and can be beat it should get you to be able to say you tried really hard to the lawyers. *From:* Oliver Marshall [mailto:[EMAIL PROTECTED] *Sent:* Tuesday, October 21, 2008 2:59 PM *To:* NT System Admin Issues *Subject:* RE: Stopping users emailing out internal docs Remember remember. *From:* David Lum [mailto:[EMAIL PROTECTED] *Sent:* 21 October 2008 19:43 *To:* NT System Admin Issues *Subject:* RE: Stopping users emailing out internal docs I seem to think InfoPath or Groove or some other MS tool can do this kind of job – you can select an e-mail and effectively make it unforwardable, it was pretty slick…now if I could only remember what product it was… *David Lum** **// *SYSTEMS ENGINEER NORTHWEST EVALUATION ASSOCIATION (Desk) 971.222.1025 *// *(Cell) 503.267.9764 *From:* Oliver Marshall [mailto:[EMAIL PROTECTED] *Sent:* Tuesday, October 21, 2008 11:00 AM *To:* NT System Admin Issues *Subject:* Stopping users emailing out internal docs Hi chaps, We've had a case this week of a client who found out a user, who is in the process of being let go, had emailed out to their personal gmail account a copy of all the internal documents, logos, process diagrams, etc. The user is now undergoing disciplinary action and facing possible legal action. However, while it's almost impossible to prevent a user from emailing a document out if they really want to, companies are obliged to have a policy in place requiring them not to doing so, and here in the UK that policy has to be seen to be implemented and enforced if it is to be referred to in any action. We've suggested a proper compliance level archival service in order to allow for emails to be restored even when users delete emails from their machines (and their recoverable deleted items in this case). Elsewhere we have used similar services to also report on certain file types, file names and sizes of files being sent, and use them to bounce emails under certain conditions. Bouncing certain emails, while a very limited short-stick, does allow for the policy to be seen to be in place if people are as silly as to send out documents with certain names etc (like Accounts2008.xls etc). What do other companies do to help either prevent people sending docs out, or to cover themselves legally should they have to take action against a user for doing so, or to highlight when a user is doing so? Olly -- G2 Support Network Support : Online Backups : Server Management Email: [EMAIL PROTECTED] Web:http://www.g2support.com -- Sherry Abercrombie Any sufficiently advanced technology is indistinguishable from magic. Arthur C. Clarke ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
RE: Stopping users emailing out internal docs
It also doesn't protect the cloning of hard drives, which, funnily enough, happened to one of my clients on Monday. Security guard saw some disk activity going on, hit the keyboard and voila, Ghost was in action.CFO's pc, the bugger had installed an extra hdd. S From: Sherry Abercrombie [mailto:[EMAIL PROTECTED] Sent: Tuesday, October 21, 2008 5:34 PM To: NT System Admin Issues Subject: Re: Stopping users emailing out internal docs Policies to prevent the unauthorized use of usb ports. There's good software that will do this, and will apply even on machines (laptops) that are off the network. On Tue, Oct 21, 2008 at 3:28 PM, NTSysAdmin [EMAIL PROTECTED]mailto:[EMAIL PROTECTED] wrote: Would that stop them dragging dropping onto a usb stick? S From: David Lum [mailto:[EMAIL PROTECTED]mailto:[EMAIL PROTECTED]] Sent: Tuesday, October 21, 2008 5:11 PM To: NT System Admin Issues Subject: RE: Stopping users emailing out internal docs Good job guys, Information Rights Management, that's it... http://office.microsoft.com/en-us/help/HA101029181033.aspx Dave From: Oliver Marshall [mailto:[EMAIL PROTECTED]mailto:[EMAIL PROTECTED]] Sent: Tuesday, October 21, 2008 12:19 PM To: NT System Admin Issues Subject: RE: Stopping users emailing out internal docs And thats still part of Office Server isn't it ? From: Kennedy, Jim [mailto:[EMAIL PROTECTED]mailto:[EMAIL PROTECTED]] Sent: 21 October 2008 20:15 To: NT System Admin Issues Subject: RE: Stopping users emailing out internal docs Microsoft's Rights Management can do much of what you seek. Although it isn't perfect and can be beat it should get you to be able to say you tried really hard to the lawyers. From: Oliver Marshall [mailto:[EMAIL PROTECTED]mailto:[EMAIL PROTECTED]] Sent: Tuesday, October 21, 2008 2:59 PM To: NT System Admin Issues Subject: RE: Stopping users emailing out internal docs Remember remember. From: David Lum [mailto:[EMAIL PROTECTED]mailto:[EMAIL PROTECTED]] Sent: 21 October 2008 19:43 To: NT System Admin Issues Subject: RE: Stopping users emailing out internal docs I seem to think InfoPath or Groove or some other MS tool can do this kind of job - you can select an e-mail and effectively make it unforwardable, it was pretty slick...now if I could only remember what product it was... David Lum // SYSTEMS ENGINEER NORTHWEST EVALUATION ASSOCIATION (Desk) 971.222.1025 // (Cell) 503.267.9764 From: Oliver Marshall [mailto:[EMAIL PROTECTED]mailto:[EMAIL PROTECTED]] Sent: Tuesday, October 21, 2008 11:00 AM To: NT System Admin Issues Subject: Stopping users emailing out internal docs Hi chaps, We've had a case this week of a client who found out a user, who is in the process of being let go, had emailed out to their personal gmail account a copy of all the internal documents, logos, process diagrams, etc. The user is now undergoing disciplinary action and facing possible legal action. However, while it's almost impossible to prevent a user from emailing a document out if they really want to, companies are obliged to have a policy in place requiring them not to doing so, and here in the UK that policy has to be seen to be implemented and enforced if it is to be referred to in any action. We've suggested a proper compliance level archival service in order to allow for emails to be restored even when users delete emails from their machines (and their recoverable deleted items in this case). Elsewhere we have used similar services to also report on certain file types, file names and sizes of files being sent, and use them to bounce emails under certain conditions. Bouncing certain emails, while a very limited short-stick, does allow for the policy to be seen to be in place if people are as silly as to send out documents with certain names etc (like Accounts2008.xls etc). What do other companies do to help either prevent people sending docs out, or to cover themselves legally should they have to take action against a user for doing so, or to highlight when a user is doing so? Olly -- G2 Support Network Support : Online Backups : Server Management Email: [EMAIL PROTECTED]mailto:[EMAIL PROTECTED] Web:http://www.g2support.comhttp://www.g2support.com/ -- Sherry Abercrombie Any sufficiently advanced technology is indistinguishable from magic. Arthur C. Clarke ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
RE: Stopping users emailing out internal docs
It also won't stop printing it and faxing it or putting the paper in their pocket. Or alt print screen and emailing the jpg. Or a hundred other ways we could all dream up. The OP needs to make enough effort to satisfy the law in his country so that a good faith effort can be shown from what I read in his original post. If this gets him there only the lawyers can say. From: Sherry Abercrombie [EMAIL PROTECTED] Sent: Tuesday, October 21, 2008 4:33 PM To: NT System Admin Issues Subject: Re: Stopping users emailing out internal docs Policies to prevent the unauthorized use of usb ports. There's good software that will do this, and will apply even on machines (laptops) that are off the network. On Tue, Oct 21, 2008 at 3:28 PM, NTSysAdmin [EMAIL PROTECTED]mailto:[EMAIL PROTECTED] wrote: Would that stop them dragging dropping onto a usb stick? S From: David Lum [mailto:[EMAIL PROTECTED]mailto:[EMAIL PROTECTED]] Sent: Tuesday, October 21, 2008 5:11 PM To: NT System Admin Issues Subject: RE: Stopping users emailing out internal docs Good job guys, Information Rights Management, that's it… http://office.microsoft.com/en-us/help/HA101029181033.aspx Dave From: Oliver Marshall [mailto:[EMAIL PROTECTED]mailto:[EMAIL PROTECTED]] Sent: Tuesday, October 21, 2008 12:19 PM To: NT System Admin Issues Subject: RE: Stopping users emailing out internal docs And thats still part of Office Server isn't it ? From: Kennedy, Jim [mailto:[EMAIL PROTECTED]mailto:[EMAIL PROTECTED]] Sent: 21 October 2008 20:15 To: NT System Admin Issues Subject: RE: Stopping users emailing out internal docs Microsoft's Rights Management can do much of what you seek. Although it isn't perfect and can be beat it should get you to be able to say you tried really hard to the lawyers. From: Oliver Marshall [mailto:[EMAIL PROTECTED]mailto:[EMAIL PROTECTED]] Sent: Tuesday, October 21, 2008 2:59 PM To: NT System Admin Issues Subject: RE: Stopping users emailing out internal docs Remember remember. From: David Lum [mailto:[EMAIL PROTECTED]mailto:[EMAIL PROTECTED]] Sent: 21 October 2008 19:43 To: NT System Admin Issues Subject: RE: Stopping users emailing out internal docs I seem to think InfoPath or Groove or some other MS tool can do this kind of job – you can select an e-mail and effectively make it unforwardable, it was pretty slick…now if I could only remember what product it was… David Lum // SYSTEMS ENGINEER NORTHWEST EVALUATION ASSOCIATION (Desk) 971.222.1025 // (Cell) 503.267.9764 From: Oliver Marshall [mailto:[EMAIL PROTECTED]mailto:[EMAIL PROTECTED]] Sent: Tuesday, October 21, 2008 11:00 AM To: NT System Admin Issues Subject: Stopping users emailing out internal docs Hi chaps, We've had a case this week of a client who found out a user, who is in the process of being let go, had emailed out to their personal gmail account a copy of all the internal documents, logos, process diagrams, etc. The user is now undergoing disciplinary action and facing possible legal action. However, while it's almost impossible to prevent a user from emailing a document out if they really want to, companies are obliged to have a policy in place requiring them not to doing so, and here in the UK that policy has to be seen to be implemented and enforced if it is to be referred to in any action. We've suggested a proper compliance level archival service in order to allow for emails to be restored even when users delete emails from their machines (and their recoverable deleted items in this case). Elsewhere we have used similar services to also report on certain file types, file names and sizes of files being sent, and use them to bounce emails under certain conditions. Bouncing certain emails, while a very limited short-stick, does allow for the policy to be seen to be in place if people are as silly as to send out documents with certain names etc (like Accounts2008.xls etc). What do other companies do to help either prevent people sending docs out, or to cover themselves legally should they have to take action against a user for doing so, or to highlight when a user is doing so? Olly -- G2 Support Network Support : Online Backups : Server Management Email: [EMAIL PROTECTED]mailto:[EMAIL PROTECTED] Web:http://www.g2support.comhttp://www.g2support.com/ -- Sherry Abercrombie Any sufficiently advanced technology is indistinguishable from magic. Arthur C. Clarke ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
RE: Stopping users emailing out internal docs
Windows Rights Management can stop people printing things. Copying stuff to USB keys is pointless - the documents are encrypted. If you don't have access to the RM server, you can't decrypt the document. Same with forwarding the document somewhere else. You can stop Alt+Print Screen as well. You can't stop *analogue* attacks (which is why it's called Digital rights management). If someone brings in a camera and takes a photo of the screen, then there's not much you can do about that. But analogue attacks are much slower to execute than digital attacks. Cheers Ken -Original Message- From: Kennedy, Jim [mailto:[EMAIL PROTECTED] Sent: Wednesday, 22 October 2008 11:16 AM To: NT System Admin Issues Subject: RE: Stopping users emailing out internal docs It also won't stop printing it and faxing it or putting the paper in their pocket. Or alt print screen and emailing the jpg. Or a hundred other ways we could all dream up. The OP needs to make enough effort to satisfy the law in his country so that a good faith effort can be shown from what I read in his original post. If this gets him there only the lawyers can say. From: Sherry Abercrombie [EMAIL PROTECTED] Sent: Tuesday, October 21, 2008 4:33 PM To: NT System Admin Issues Subject: Re: Stopping users emailing out internal docs Policies to prevent the unauthorized use of usb ports. There's good software that will do this, and will apply even on machines (laptops) that are off the network. On Tue, Oct 21, 2008 at 3:28 PM, NTSysAdmin [EMAIL PROTECTED]mailto:[EMAIL PROTECTED] wrote: Would that stop them dragging dropping onto a usb stick? S From: David Lum [mailto:[EMAIL PROTECTED]mailto:[EMAIL PROTECTED]] Sent: Tuesday, October 21, 2008 5:11 PM To: NT System Admin Issues Subject: RE: Stopping users emailing out internal docs Good job guys, Information Rights Management, that's it... http://office.microsoft.com/en-us/help/HA101029181033.aspx Dave From: Oliver Marshall [mailto:[EMAIL PROTECTED]mailto:[EMAIL PROTECTED]] Sent: Tuesday, October 21, 2008 12:19 PM To: NT System Admin Issues Subject: RE: Stopping users emailing out internal docs And thats still part of Office Server isn't it ? From: Kennedy, Jim [mailto:[EMAIL PROTECTED]mailto:[EMAIL PROTECTED]] Sent: 21 October 2008 20:15 To: NT System Admin Issues Subject: RE: Stopping users emailing out internal docs Microsoft's Rights Management can do much of what you seek. Although it isn't perfect and can be beat it should get you to be able to say you tried really hard to the lawyers. From: Oliver Marshall [mailto:[EMAIL PROTECTED]mailto:[EMAIL PROTECTED]] Sent: Tuesday, October 21, 2008 2:59 PM To: NT System Admin Issues Subject: RE: Stopping users emailing out internal docs Remember remember. From: David Lum [mailto:[EMAIL PROTECTED]mailto:[EMAIL PROTECTED]] Sent: 21 October 2008 19:43 To: NT System Admin Issues Subject: RE: Stopping users emailing out internal docs I seem to think InfoPath or Groove or some other MS tool can do this kind of job - you can select an e-mail and effectively make it unforwardable, it was pretty slick...now if I could only remember what product it was... David Lum // SYSTEMS ENGINEER NORTHWEST EVALUATION ASSOCIATION (Desk) 971.222.1025 // (Cell) 503.267.9764 From: Oliver Marshall [mailto:[EMAIL PROTECTED]mailto:[EMAIL PROTECTED]] Sent: Tuesday, October 21, 2008 11:00 AM To: NT System Admin Issues Subject: Stopping users emailing out internal docs Hi chaps, We've had a case this week of a client who found out a user, who is in the process of being let go, had emailed out to their personal gmail account a copy of all the internal documents, logos, process diagrams, etc. The user is now undergoing disciplinary action and facing possible legal action. However, while it's almost impossible to prevent a user from emailing a document out if they really want to, companies are obliged to have a policy in place requiring them not to doing so, and here in the UK that policy has to be seen to be implemented and enforced if it is to be referred to in any action. We've suggested a proper compliance level archival service in order to allow for emails to be restored even when users delete emails from their machines (and their recoverable deleted items in this case). Elsewhere we have used similar services to also report on certain file types, file names and sizes of files being sent, and use them to bounce emails under certain conditions. Bouncing certain emails, while a very limited short-stick, does allow for the policy to be seen to be in place if people are as silly as to send out documents with certain names etc (like Accounts2008.xls etc). What do other companies do to help either prevent people sending docs out, or to cover themselves legally should they have to take action against