RE: About MS-Networking security.

• Previous message: Neil Morris: "MDAC security patch problem?"
• Maybe in reply to: Cyber Chiu`: "About MS-Networking security."
• Next in thread: Wronski, Michael C (MED): "RE: About MS-Networking security."
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Date: Fri, 16 Jan 2004 08:37:12 -0500
To: "Cyber Chiu`" <cchiu@hotspur.com.hk>, <focus-ms@securityfocus.com>

Cyber wrote:
========================================================================
====
Hi all, I have a question about portable computer security concern.

My company have firewall protection, all desktop are behind firewall.
However, My saleman need to do their business with a Laptop. When
they're in office. They will connect their laptop to our internet.

I think it's danger because we don't know it's infected by virus or not.

can anyone suggest me what to do?

========================================================================
====

First you have to think of this as a policy procedure. So, your
Security policy should give you a start of how to treat network access,
internet connectivity, what checks to perform, and network policies to
perform for laptops or road warriors.

It should consist of applying a procedure something in the range of:

1: Where did salesman connect to a network on his/her trip?
2: Do we have a relationship with this external entity (network)?
3: Do we trust this entity?
4: Can we obtain and rely on external entities network status report?
5: Determine which route to take based on information collected above,
and what your level of risk may be:
        A:
                1) Run a vulnerability scan against machine?
                2) Run virus scan
                3) Review results; apply patches that were not
implemented due to laptops absence from network during patch deployment
                4)...
        Or:
        B:
                1) Have a clean pre-ghosted machine load
                2) Save laptops data (not systate data-this requires
config planning)
                3) Wipe machine (not quick format)
                4) Apply ghost
                5) Restore data after (after the data has been virus
scanned)
                6)...
6: ...
7: ...

Fill in the blanks: I hope this helps

James
         

-----Original Message-----
From: Cyber Chiu` [mailto:cchiu@hotspur.com.hk]
Sent: Sunday, January 11, 2004 4:26 PM
To: focus-ms@securityfocus.com
Subject: About MS-Networking security.

---------------------------------------------------------------------------
---------------------------------------------------------------------------

• Previous message: Neil Morris: "MDAC security patch problem?"
• Maybe in reply to: Cyber Chiu`: "About MS-Networking security."
• Next in thread: Wronski, Michael C (MED): "RE: About MS-Networking security."
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]