Re: Securing workstations from IT guys
- From: "Mark Owen" <mr.markowen@xxxxxxxxx>
- Date: Tue, 27 Nov 2007 16:50:46 -0500
On Nov 27, 2007 3:05 PM, Liam Jewell <ljjewell@xxxxxxxxx> wrote:
Anybody who has physical access to the machine becomes a
vulnerability. Even if you encrypt files under an administrator
account on the local machine, simply resetting the password with a
program like Passware, will not disable the encryption. Then an
unauthorized user can log in to the admin account with a blank
password (or a password of their choosing) and have access to all
encrypted files.
This is not entirely true. If you reset or delete the password for an
account then that account will no longer be able to decrypt the files.
--
Mark Owen
- Follow-Ups:
- RE: Securing workstations from IT guys
- From: Erin Carroll
- RE: Securing workstations from IT guys
- References:
- Securing workstations from IT guys
- From: WALI
- RE: Securing workstations from IT guys
- From: Lim Ming Wei
- RE: Securing workstations from IT guys
- From: Depp, Dennis M.
- Re: Securing workstations from IT guys
- From: Liam Jewell
- Securing workstations from IT guys
- Prev by Date: Re: dns paper:case study
- Next by Date: Re: Spying in a corporate environment
- Previous by thread: Re: Securing workstations from IT guys
- Next by thread: RE: Securing workstations from IT guys
- Index(es):
Relevant Pages
|
