Basic Windows Security Question
From: Andrew McIntosh (amcintosh_at_networkadvocates.com)
Date: 03/29/05
- Previous message: Alessandro Bottonelli: "Re: Security on CDMA for Banking Applications"
- Next in thread: Mike B: "Sentinel IPS"
- Reply: Mike B: "Sentinel IPS"
- Maybe reply: Reece, Terry: "RE: Basic Windows Security Question"
- Reply: Barrie Dempster: "Re: Basic Windows Security Question"
- Reply: Jon Lawhead: "Re: Basic Windows Security Question"
- Maybe reply: Depp, Dennis M.: "RE: Basic Windows Security Question"
- Reply: Zaven: "Re: Basic Windows Security Question"
- Maybe reply: adisegna_at_siscocorp.com: "RE: Basic Windows Security Question"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Tue, 29 Mar 2005 16:20:46 -0500 To: <security-basics@securityfocus.com>
Hello Everybody,
I am curious to see the different suggestions for this scenario:
Suppose you have a small company of less than 100 employees. One of the
employees likes to bring his work home on occasion. He does so using a
USB thumb drive. One day he catches a [virus, worm, Trojan, spyware,
anything you can think of] at home and it winds up on his thumb drive,
which he in turn brings to the company network.
The company certainly should have anti-virus software in place, which
would fix that problem. But what if he unknowingly loads a key logging
program that could capture private customer information? What do you
suggest? Here is what I could think of so far:
Disable USB Port - That would solve the particular problem and create
other problems. For instance, substitute the thumb drive with a floppy
disk or CD. For obvious reasons you don't want to disable those as well.
Restrict user permissions - That could potentially prevent a program
from installing itself, but it would also cause the user some grief if
they need to install programs themselves, or even do simple things like
changing personal settings.
Security Policy - Haven't looked into this yet, but maybe there is a way
to prevent the use of thumb drives and other specific devices through
security policy.
What do you think?
Thanks!
====================
amcintosh@ntad.com
====================
- Previous message: Alessandro Bottonelli: "Re: Security on CDMA for Banking Applications"
- Next in thread: Mike B: "Sentinel IPS"
- Reply: Mike B: "Sentinel IPS"
- Maybe reply: Reece, Terry: "RE: Basic Windows Security Question"
- Reply: Barrie Dempster: "Re: Basic Windows Security Question"
- Reply: Jon Lawhead: "Re: Basic Windows Security Question"
- Maybe reply: Depp, Dennis M.: "RE: Basic Windows Security Question"
- Reply: Zaven: "Re: Basic Windows Security Question"
- Maybe reply: adisegna_at_siscocorp.com: "RE: Basic Windows Security Question"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
