Security Basics mailing list archives
Re: Re: Allowing access to social networking... securely?
From: Stephen Mullins <steve.mullins.work () gmail com>
Date: Tue, 26 May 2009 07:31:07 -0400
If they want to spend all day browsing My Space so badly that they will bring in a USB wireless device and hijack wireless from a nearby office or VPN back to their home PC, I think they should be given a great deal more free time to spend at home on My Space, and I don't mean telecommuting. It's definitely an HR issue at that point. I know a guy that plays World of Warcraft from his office using his personally owned laptop with a Sprint wireless card. He sets the laptop out of sight in a desk drawer and hooks it up to one of the displays on his desk. He has a KVM on the floor he can hit with his foot to switch over to a screen with a network diagram set as the background to look like it is an open program he's working on should he hear someone coming down the hall towards his desk. At some point, you just have to send these people home to momma. Steve On Fri, May 22, 2009 at 5:03 PM, <no () dot no> wrote:
Patrick, good response. But I wonder about this.. "The OP's suggested risk vector - malware infested proxy sites isn't even the worst one introduced. I've seen places where blocking has induced users to use bypass mechanisms including: - Separate dialup connections - USB Wifi piggy-backing on nearby offices' signals - SSH tunneling - VPN connections out to a machine acting as a proxy (home PC for example) - GoToMyPC or equivalent to a machine acting as a proxy" If you have a user that will violate corporate policy by circumventing systems put in place, that is an HR issue. The examples you site, we block. We're incredibly concerned about data leakage being in the financial industry. Maybe those systems aren't needed in all forms of business. I'm of the belief that we all choose where we work, and we all play by the rules laid out by mgmt. We can choose to play along, or not. Those measures aren't put in place to make people's work environment less fun. They're done for the well being of the company. It only takes one person to leak out sensitive data, emails, etc and create a potentially bad situation. ------------------------------------------------------------------------ This list is sponsored by: InfoSec Institute Need to pass the CISSP? InfoSec Institute's CISSP Boot Camp in both Instructor-Led and Online formats is the most concentrated exam prep available. Comprehensive course materials and an expert instructor means you pass the exam. Gain a laser like insight into what is covered on the exam, with zero fluff! http://www.infosecinstitute.com/courses/cissp_bootcamp_training.html ------------------------------------------------------------------------
------------------------------------------------------------------------ This list is sponsored by: InfoSec Institute Need to pass the CISSP? InfoSec Institute's CISSP Boot Camp in both Instructor-Led and Online formats is the most concentrated exam prep available. Comprehensive course materials and an expert instructor means you pass the exam. Gain a laser like insight into what is covered on the exam, with zero fluff! http://www.infosecinstitute.com/courses/cissp_bootcamp_training.html ------------------------------------------------------------------------
Current thread:
- Re: Allowing access to social networking... securely?, (continued)
- Re: Allowing access to social networking... securely? krymson (May 20)
- RE: Allowing access to social networking... securely? Robin Smith (FaceTime) (May 21)
- Re: Re: Allowing access to social networking... securely? chmod1777 (May 21)
- Re: Re: Re: Allowing access to social networking... securely? lmaia (May 21)
- RE: Re: Re: Allowing access to social networking... securely? Ian Bradshaw (May 22)
- Re: Allowing access to social networking... securely? krymson (May 22)
- Re: Allowing access to social networking... securely? krymson (May 22)
- Re: Allowing access to social networking... securely? Patrick J Kobly (May 22)
- Re: Re: Allowing access to social networking... securely? no (May 22)
- Re: Allowing access to social networking... securely? Patrick J Kobly (May 25)
- Re: Re: Allowing access to social networking... securely? Stephen Mullins (May 26)
- Re: Allowing access to social networking... securely? krymson (May 20)