Security Basics mailing list archives
RE: Laptop security
From: Warren V Camp <wcamp () cox net>
Date: Mon, 26 Feb 2007 11:30:29 -0500
Local laptop assuming that they are the properity of the company as a general rule should not have local admin access privileges unless required as an exception for their job. Running a special application that requires admin rights. The problem is not that the user has admin privileges to their laptop but that with admin access they canusually circumvent all other copporate securities policies, rules, standards, and rules. One of the biggest exposures to your corporation and network is when laptop reconnect to your corporate network. Can you anser the question can they be trusted if the user has admin privileges, I think the answer is no. A more general solution is that laptops are recertified when they attached to the corporate network. This approach is in development and its final outcome is questionable. Any changes a user may have made directly, indirectly, knowning or unknowning can be reinitalized by the recertification process. Warren Warren V. Camp, CPA, CISA, CDP ---- WALI <hkhasgiwale () gmail com> wrote:
Hi An unrelated question on laptop security but would be glad if someone could answer. What's the usual practise when it comes to assigning local usernames and passwords. Should the users be given local administrator accounts? If laptops are part of domain, how can the users continue to logon from their homes when there is no domain available and they do not have local accounts on laptops? At 05:09 PM 2/21/2007 -0600, Anzaldo, Oscar wrote:Besides best practices suh as Keningston Cable security lock, disk parity encryption, admin user renamed, a very effective way to prevent robbery, is to assign the laptop with a legal document signed by the user making them responsible for the asset, if the user get stole or "lost" their laptop then they should pay for the value of the laptop. Being aware does not make a user responsible but does when you charge back them for the price. Cheers Oscar On 19-Feb-07, at 10:39 PM, Badhrinath S wrote:Hello all, Apart from data encryption, insurance and user awareness can anyone let me know other risk mitigation policies against laptop theft ? -- Thanks Badhri--------------------------------------------------------------------------- This list is sponsored by: BigFix If your IT fails, you're out of business - or worse. Arm your enterprise with BigFix, the single converged IT security and operations engine. BigFix enables continuous discovery, assessment, remediation, and enforcement for complex and distributed IT environments in real-time from a single console. Think what's next. Think BigFix. http://ad.doubleclick.net/clk;82309979;15562032;o?http://www.bigfix.com/ITNext/ ------------------------------------------------------------------------------------------------------------------------------------------------------ This list is sponsored by: BigFix If your IT fails, you're out of business - or worse. Arm your enterprise with BigFix, the single converged IT security and operations engine. BigFix enables continuous discovery, assessment, remediation, and enforcement for complex and distributed IT environments in real-time from a single console. Think what's next. Think BigFix. http://ad.doubleclick.net/clk;82309979;15562032;o?http://www.bigfix.com/ITNext/ ---------------------------------------------------------------------------
-- Warren V. Camp, CPA, CISA, CDP --------------------------------------------------------------------------- This list is sponsored by: BigFix If your IT fails, you're out of business - or worse. Arm your enterprise with BigFix, the single converged IT security and operations engine. BigFix enables continuous discovery, assessment, remediation, and enforcement for complex and distributed IT environments in real-time from a single console. Think what's next. Think BigFix. http://ad.doubleclick.net/clk;82309979;15562032;o?http://www.bigfix.com/ITNext/ ---------------------------------------------------------------------------
Current thread:
- Re: Laptop security, (continued)
- Re: Laptop security HF (Feb 22)
- Re: Laptop security Tyler Krpata (Feb 22)
- Message not available
- RE: Laptop security WALI (Feb 26)
- RE: Laptop security Nick Duda (Feb 26)
- RE: Laptop security WALI (Feb 26)
- Re: Laptop security steve . dake (Feb 21)
- Re: Laptop security kevin fielder (Feb 22)
- Re: Laptop security dlandru (Feb 23)
- Re: RE: Laptop security aaarugrat (Feb 23)
- Re: RE: Laptop security spad78 (Feb 23)
- RE: Laptop security Andre Gorvel (Feb 26)
- RE: Laptop security Warren V Camp (Feb 26)