Home page logo
/

basics logo Security Basics mailing list archives

Re: Securing workstations from IT guys
From: Ansgar -59cobalt- Wiechers <bugtraq () planetcobalt net>
Date: Thu, 29 Nov 2007 21:35:51 +0100

On 2007-11-29 Vandenberg, Robert wrote:
On Wednesday, November 28, 2007 1:02 PM Eric Marden wrote:
But a keylogger seems more than lazy, in my opinion.

If you can't trust the employees, then fire them.

Nice if the world could be that easy.

It is that easy. Really. If you distrust a person to the point where you
have to resort to that kind of surveillance: fire them (or don't hire
them in the first place).

But nowadays in our litigious society, not going through a through
investigation before taking the appropriate actions is going to invite
a wrongful termination lawsuit.

Using keyloggers is leaving "thorough investigation" in the dust.
Besides, nobody said the termination had to be without notice. You can
always release them from their duties and expel them from the company's
premises. Certainly not the cheapest option, but an option nonetheless.

It is better to have all of your ducks in line and get all of the
evidence you can before you bring the offending party in and fire
them.

Using inappropriate means to gather evidence is like handing your
opponent (or his lawyer) a loaded gun.

Regards
Ansgar Wiechers
-- 
"All vulnerabilities deserve a public fear period prior to patches
becoming available."
--Jason Coombs on Bugtraq


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]