Home page logo
/

basics logo Security Basics mailing list archives

Re: Securing workstations from IT guys
From: "Micheal Espinola Jr" <michealespinola () gmail com>
Date: Wed, 28 Nov 2007 15:44:33 -0500

Exactly.

http://www.espinola.net/wiki/Crowley's_law

On Nov 27, 2007 12:16 PM, Depp, Dennis M. <deppdm () ornl gov> wrote:
Find the admin who is leaking the data and fire him.


-----Original Message-----
From: listbounce () securityfocus com [mailto:listbounce () securityfocus com] On Behalf Of Lim Ming Wei
Sent: Monday, November 26, 2007 10:14 PM
To: 'WALI'; 'security-basics'
Subject: RE: Securing workstations from IT guys

Use encryption program to encrypt those files.  Password function in the
normal MS Word application does not help.  If you have problem installing
the program.  You might want to consider saving the file in an alternative
storage media such as a USB Thumb drive.

-----Original Message-----
From: listbounce () securityfocus com [mailto:listbounce () securityfocus com] On
Behalf Of WALI
Sent: Monday, November 26, 2007 2:24 AM
To: security-basics
Subject: Securing workstations from IT guys

It's a catch 22 situation and I need to make our Windows Xp workstations
appropriately secure. Secure from rogue Helpdesk personnel as well as
network admins.
The HR guys are complaining that their 'offer' letters to prospective
employees and some of the CVs that they recieve are finding their way into
unwanted hands. I suspect both HR application vulnerability, for which I am
undertaking some vulnerability analysis but I also need to protect the PCs
that belong to Dept. of HR employees from rogue IT guys.

Here are the basics of what I intend to do:
1. Advise all HR users to shutdown their PC before they leave for the day.
2. Change all Local Admin passwords so that even IT helpdesk/other doesn't
know them.
3. Advise HR guys to assign passwords to their excel/word files.
3. Do not create shares off c drive giving 'everyone' access.

But...because they are all connected to Windows 2003 domain, I still risk
someone from domain admin group to be able to start C$/D$ share and browse
into their c: drive, what should I do?

Also, it's easy to crack open xls/doc passwords, what else can be done?

Alternatively, Is there an auditing on PC that can be enabled to track/log
incoming connections to C$ and pop up and alert whenever someone tries it
out from a remote machine.

Pls advise!!







-- 
ME2


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]