Re: Stolen server with Windows 2003
From: Ken Schaefer (kenREMOVE_at_THISadOpenStatic.com)
Date: 03/22/04
- Next message: pramod: "Restrictions ERROR"
- Previous message: Arek Iskra [MVP]: "Re: Stolen server with Windows 2003"
- In reply to: Marlin Todd: "Re: Stolen server with Windows 2003"
- Next in thread: S. Pidgorny
: "Re: Stolen server with Windows 2003" - Reply: S. Pidgorny
: "Re: Stolen server with Windows 2003" - Reply: Drew Cooper [MSFT]: "Re: Stolen server with Windows 2003"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Mon, 22 Mar 2004 14:53:25 +1100
That's pretty much impossible.
The thieves have physical access to the box - they are read the data
directly off the hard drives if they want to.
You could encrypt the data, but any encryption mechanism can be brute forced
given time and patience (and it would also make it a little difficult for
your own users to get access to the data).
There is no such thing as the perfectly secure system. Security is about
managing risk. You can have a more secure system but:
a) it costs more money
-and-
b) it interferes with the ease of use of the system
You need to determine what point is an acceptable tradeoff. If you think
that someone physically stealing your server would be a big problem, invest
money in physical security. Have a secure room built to house the server.
Use controlled-access technologies like smartcards to access the room.
Locate the server itself in another physical barrier. Alternatively, there
are data centers you can outsource this type of hosting to.
Cheers
Ken
-- ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ "Marlin Todd" <marlintodd@hotmail.com> wrote in message news:eMLkLw7DEHA.4080@TK2MSFTNGP09.phx.gbl... : how can we ensure that if a server is stolen again that our data is secure : and they can't get to it? : : thanks : : "Paul Adare - MVP - Microsoft Virtual PC" <padare@newsguy.com> wrote in : message news:MPG.1ac821fbd473a5c79898f7@msnews.microsoft.com... : > In article <e$RTih7DEHA.2768@tk2msftngp13.phx.gbl>, in the : > microsoft.public.windows.server.security news group, Marlin Todd : > <marlintodd@hotmail.com> says... : > : > > we had an accounting server with 3 SCSI harddrives in it. : > > We had Windows 2003 Ent Edition as a member of a DC...with a : alpha-numeric : > > password for the administrator account! : > > Can we be assured that our information is safe? Would the theives be : able : > > to get to the data? : > > : > : > Just the opposite. You can pretty much assume that the data is now : > completely available to the thieves. : > : > -- : > Paul Adare : > Moral indignation is jealousy with a halo. : > H. G. Wells, The Wife of Sir Isaac Harman : :
- Next message: pramod: "Restrictions ERROR"
- Previous message: Arek Iskra [MVP]: "Re: Stolen server with Windows 2003"
- In reply to: Marlin Todd: "Re: Stolen server with Windows 2003"
- Next in thread: S. Pidgorny
: "Re: Stolen server with Windows 2003" - Reply: S. Pidgorny
: "Re: Stolen server with Windows 2003" - Reply: Drew Cooper [MSFT]: "Re: Stolen server with Windows 2003"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
