Security Basics mailing list archives

Re: Securing workstations from IT guys

From: Ansgar -59cobalt- Wiechers <bugtraq () planetcobalt net>
Date: Thu, 29 Nov 2007 21:35:51 +0100

On 2007-11-29 Vandenberg, Robert wrote:

On Wednesday, November 28, 2007 1:02 PM Eric Marden wrote:

But a keylogger seems more than lazy, in my opinion.

If you can't trust the employees, then fire them.


Nice if the world could be that easy.


It is that easy. Really. If you distrust a person to the point where you
have to resort to that kind of surveillance: fire them (or don't hire
them in the first place).

But nowadays in our litigious society, not going through a through
investigation before taking the appropriate actions is going to invite
a wrongful termination lawsuit.


Using keyloggers is leaving "thorough investigation" in the dust.
Besides, nobody said the termination had to be without notice. You can
always release them from their duties and expel them from the company's
premises. Certainly not the cheapest option, but an option nonetheless.

It is better to have all of your ducks in line and get all of the
evidence you can before you bring the offending party in and fire
them.


Using inappropriate means to gather evidence is like handing your
opponent (or his lawyer) a loaded gun.

Regards
Ansgar Wiechers
-- 
"All vulnerabilities deserve a public fear period prior to patches
becoming available."
--Jason Coombs on Bugtraq

Current thread:

RE: Securing workstations from IT guys, (continued)
- - - RE: Securing workstations from IT guys Nick Vaernhoej (Nov 28)
    - Network protocol analyzers Malhoit, Lauren (Nov 28)
    - Re: Network protocol analyzers Michael R. Martinez (Nov 28)
    - RE: Network protocol analyzers Chris Boczko (Nov 28)
    - Re: Network protocol analyzers crazy frog crazy frog (Nov 28)
    - Re: Securing workstations from IT guys James Alcasid (Nov 28)
    - RE: Securing workstations from IT guys Petter Bruland (Nov 28)
    - RE: Securing workstations from IT guys Big Joe Jenkins (Nov 28)
    - Re: Securing workstations from IT guys Eric Marden (Nov 29)
    - RE: Securing workstations from IT guys Vandenberg, Robert (Nov 29)
    - Re: Securing workstations from IT guys Ansgar -59cobalt- Wiechers (Nov 29)
    - RE: Securing workstations from IT guys Nick Vaernhoej (Nov 29)
    - Removable media Worrell, Brian (Nov 30)
    - Re: Removable media Albert R. Campa (Nov 30)
    - Re: Securing workstations from IT guys Vinny (Nov 29)
    - RE: Securing workstations from IT guys Craig Wright (Nov 29)
    - RE: Securing workstations from IT guys Frary, Brock (Nov 29)
    - RE: Securing workstations from IT guys Nick Vaernhoej (Nov 29)
    - RE: Securing workstations from IT guys Craig Wright (Nov 29)
    - Re: Securing workstations from IT guys Mark Owen (Nov 29)
    - Re: Securing workstations from IT guys Patrick J Kobly (Nov 29)

(Thread continues...)