Penetration Testing mailing list archives

RE: Boot floppy

From: "Michele Jordan" <security_lists () michelejordan net>
Date: Wed, 25 Apr 2007 09:16:49 -0400

 That thought process works in a large organization, but not in a
small one.  A very small company just works differently.  There are no
handbooks (I once worked for a company for two years before they put
out an employee handbook, and it focused on benefits), there are no
policies, there is a handful of people trying to get the job done.
Each person manages their own computers if they're technically able.
Action such as "let me look at your computer" are taken personally,
and are very damaging to morale.  You may as well fire him after you
demand to look at the computer, it will end there in the long run.

You've gotten some good ideas, best of luck!

-Michele
< snip>


dont see why this has gotten to such a big thread...

Employee = Company Asset
Laptop     = Company Asset
------------------------------
no violation or reasonable expectation of privacy
regarding said Company Asset laptop.

 It is a company asset, period.
 ( just like the packets originating from Company network assets )

 solution:
1. Call local FBI, aprise of situation.
2. take the laptop away.
3. suspend employee pending forensics.

( same as if if an Employee is suspected of 
using / doing illegal activity from the company car. 
While the Employee can take it home and use it for 
personal use, it is a Company asset and therfore enjoys 
no reasonable expectation from the protection of privacy. )


M.W





--------------------------------------------------------------
----------
This List Sponsored by: Cenzic

Are you using SPI, Watchfire or WhiteHat?
Consider getting clear vision with Cenzic
See HOW Now with our 20/20 program!

http://www.cenzic.com/c/2020
--------------------------------------------------------------
----------



------------------------------------------------------------------------
This List Sponsored by: Cenzic

Are you using SPI, Watchfire or WhiteHat?
Consider getting clear vision with Cenzic
See HOW Now with our 20/20 program!

http://www.cenzic.com/c/2020
------------------------------------------------------------------------

Current thread:

RE: Boot floppy, (continued)
- RE: Boot floppy Mifa (Apr 13)
  - Re: Boot floppy Michael Munt (Apr 13)
  - RE: Boot floppy Sat Jagat Singh (Apr 13)
- Re: Boot floppy Shreyas Zare (Apr 13)
  - Re: Boot floppy Morning Wood (Apr 13)
  - Re: Boot floppy Packet Man (Apr 15)
- Re: Boot floppy barcajax (Apr 13)
- Re: Boot floppy Thor (Hammer of God) (Apr 13)
  - Re: Boot floppy Tremaine Lea (Apr 14)
    - Re: Boot floppy Morning Wood (Apr 15)
    - RE: Boot floppy Michele Jordan (Apr 28)