Home page logo
/

basics logo Security Basics mailing list archives

RE: Laptop security
From: Warren V Camp <wcamp () cox net>
Date: Mon, 26 Feb 2007 11:30:29 -0500

Local laptop assuming that they are the  properity of the company as a general rule should not have local admin access 
privileges unless required as an exception for their job.  Running a special application that requires admin rights.  
The problem is not that the user has admin privileges to their laptop but that with admin access they canusually 
circumvent all other copporate securities policies, rules, standards, and rules.

One of the biggest exposures to your corporation and network is when laptop reconnect to your corporate network.  Can 
you anser the question can they be trusted if the user has admin privileges, I think the answer is no.

A more general solution is that laptops are recertified when they attached to the corporate network.  This approach is 
in development and its final outcome is questionable.  Any changes a user may have made directly, indirectly, knowning 
or unknowning can be reinitalized by the recertification process.

Warren

Warren V. Camp, CPA, CISA, CDP

  
---- WALI <hkhasgiwale () gmail com> wrote: 
Hi

An unrelated question on laptop security but would be glad if someone could 
answer. What's the usual practise when it comes to assigning local 
usernames and passwords. Should the users be given local administrator 
accounts? If laptops are part of domain, how can the users continue to 
logon from their homes when there is no domain available and they do not 
have local accounts on laptops?


At 05:09 PM 2/21/2007 -0600, Anzaldo, Oscar wrote:
Besides best practices suh as Keningston Cable security lock, disk
parity encryption, admin user renamed, a very effective way to prevent
robbery, is to assign the laptop with a legal document signed by the
user making them responsible for the asset, if the user get stole or
"lost" their laptop then they should pay for the value of the laptop.
Being aware does not make a user responsible but does when you charge
back them for the price.

Cheers

Oscar





On 19-Feb-07, at 10:39 PM, Badhrinath S wrote:

Hello all,

 Apart from data encryption, insurance and user awareness can anyone
let me know other risk mitigation policies against laptop theft ?

--
Thanks
Badhri




---------------------------------------------------------------------------
This list is sponsored by: BigFix

If your IT fails, you're out of business - or worse.  Arm your
enterprise with BigFix, the single converged IT security and operations
engine. BigFix enables continuous discovery, assessment, remediation,
and enforcement for complex and distributed IT environments in real-time
from a single console.
Think what's next. Think BigFix.

http://ad.doubleclick.net/clk;82309979;15562032;o?http://www.bigfix.com/ITNext/
---------------------------------------------------------------------------


---------------------------------------------------------------------------
This list is sponsored by: BigFix

If your IT fails, you're out of business - or worse.  Arm your 
enterprise with BigFix, the single converged IT security and operations 
engine. BigFix enables continuous discovery, assessment, remediation, 
and enforcement for complex and distributed IT environments in real-time 
from a single console.
Think what's next. Think BigFix. 

http://ad.doubleclick.net/clk;82309979;15562032;o?http://www.bigfix.com/ITNext/
---------------------------------------------------------------------------


--
Warren V. Camp, CPA, CISA, CDP



---------------------------------------------------------------------------
This list is sponsored by: BigFix

If your IT fails, you're out of business - or worse.  Arm your 
enterprise with BigFix, the single converged IT security and operations 
engine. BigFix enables continuous discovery, assessment, remediation, 
and enforcement for complex and distributed IT environments in real-time 
from a single console.
Think what's next. Think BigFix. 

http://ad.doubleclick.net/clk;82309979;15562032;o?http://www.bigfix.com/ITNext/
---------------------------------------------------------------------------


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]