Security Basics mailing list archives
Re: Notebook policy (need advice)
From: Ansgar -59cobalt- Wiechers <bugtraq () planetcobalt net>
Date: Fri, 26 Jan 2007 21:25:51 +0100
On 2007-01-25 Eric Furman wrote:
I'll give you one very simple policy that you should enforce that will make most of your concerns moot: NEVER EVER EVER STORE SENSITIVE DATA ON A LAPTOP! Anybody, and I mean ANYBODY, found with sensitive data on their laptop should have it seized and they should be immediately dismissed. There is virtually no reason to ever store sensitive data on a laptop. Sensitive data should only ever reside on hardened servers in a physically secured server room. If your employees need to work with this data there are several means to securely access this data remotely.
Just take your average insurance salesman. How do you guarantee that he has remote access from everywhere he may make a contract? cu 59cobalt -- "All vulnerabilities deserve a public fear period prior to patches becoming available." --Jason Coombs on Bugtraq
Current thread:
- RE: Notebook policy (need advice), (continued)
- RE: Notebook policy (need advice) Eric Furman (Jan 26)
- RE: Notebook policy (need advice) Huang, John, GCM (Jan 26)
- Re: Notebook policy (need advice) Eric White (Jan 26)
- Re: Notebook policy (need advice) Eric Furman (Jan 26)
- RE: Notebook policy (need advice) Sipes, Bob (Jan 26)
- RE: Notebook policy (need advice) Steveb (Jan 30)
- RE: Notebook policy (need advice) Patton Roub (Jan 29)
- RE: Notebook policy (need advice) Barrett, Will (Jan 29)
- RE: Notebook policy (need advice) Greg Jones (Jan 30)
- RE: Notebook policy (need advice) Sipes, Bob (Jan 26)
- Re: Notebook policy (need advice) Ansgar -59cobalt- Wiechers (Jan 26)
- Re: Notebook policy (need advice) Ryan Chow (Jan 29)
- Re: Notebook policy (need advice) Artur Baruchi (Jan 30)