I have seen some of these products. I believe Adobe will do this as well. I have not however, rant into a software package that can prevent screen shots from being taken.
Duston Sickler Abacus Business System, Inc. http://www.abswebb.net -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Sent: Monday, March 17, 2003 12:23 PM To: [EMAIL PROTECTED] Subject: Re: Physical Security & Protecting Information Today at the Cebit I saw a product by a company called airzip called document secure that let's you contol the access rights on a document level. You can allow a person to only view a document. The person then will not be possible to print it or save it somewhere if you don't allow it. The product basically creates a wrapper around the doc that stores this info. If you have extremly sensitive information you might use a tool like this to prevent this documents to be walked out of your systems on disk, USB sticks or paper. On Fri, 2003-03-14 at 01:17, Philip Storry wrote: > Hello discipulus, > > Thursday, March 13, 2003, 3:13:44 AM, you wrote: > > d> I've read about corporate espionage cases where a perpetrator at > d> one company busts into the network of another company and stumbles > d> into a directory named "Proposals" of all things but employees who > d> walk out the front doors carrying protected information seems just > d> as damaging or more so to me. > > There's not much that you can practically do here, I think. > > The problem is that although there are many good technical and > procedural methods of ensuring that only authorised people have access > to your systems - and therefore your information - there are few > technical or procedural things you can (realistically) do to control > what those authorised people do with the information they have access > to. > > Content security systems (like Mimesweeper) can check outbound emails, > and block anything that contains project codenames. But that won't > stop someone printing it out and putting the paper in their briefcase. > > Because this is such a low-tech crime, you're left with policy and > procedure as your only tools. > > You should consider making it policy that information does not leave > your sites, without written permission from a senior person. This will > cause trouble for those that telework, however. You could also brief > security staff on what to look for - keep them appraised of new > storage media (like those nifty USB pen drives), and give them the > authority to do random stop and search jobs. > > Make sure that all emails and documents have - by policy - a > boilerplate on them saying who owns that intellectual property. Tacky, > but it might be useful in a court of law - and it reminds employees of > the stark reality. > > All of these safeguards (except boilerplating, which could be enforced > via templates etc.) are the sort of things people get complacent on > very quickly, because they stand in the way of people working. Within > six months of implementing them, senior people will be signing off > that John Smith can take home "anything relating to projects X, Y and > Z" simply because they don't want to sign it off three times - even > though John Smith doesn't actually work on Y and Z. > > So really, the only defence against this is contractual. All employees > must sign an NDA, stating that they will not divulge proprietary > intellectual property. Make them sign it, and understand why they are > signing it. Don't make it too draconian - you don't need the ability > to search their home, for instance. (That's what law enforcement > agencies are for.) But you should make it clear that if they steal, > they'll be sued. Having to spend that pay rise you got when switching > jobs on legal fees is not an attractive proposition. > > > Finally, it should be pointed out that many companies won't actually > accept stolen IP, because it's a legal minefield. But NDA's make it > difficult for both the person acting as a conduit as well as the > ultimate recipient, and may make employees who were only casually > thinking about it think twice. > > Nothing, however, will stop the determined person who's miffed at the > company and leaving for a competitor. Nothing except the competitor's > honesty and their own legal team's advice, anyway. :-) > > -- > Best regards, > Philip mailto:[EMAIL PROTECTED] >
