Home page logo

basics logo Security Basics mailing list archives

RE: Deny access to copy files
From: "Kevin Ortloff" <Kevin.Ortloff () j2global com>
Date: Fri, 13 Jun 2008 09:31:13 -0700

If you don't mind spending a 2-3 thousand, there is a good product called ' DeviceLock '. This is a global policy 
enforcer that will restrict activates on USB, External Storage, etc, etc.. You can be very specific too like only a 
certain kind of thumb drive can be used by a particular individual ( this allows you to control who has the ability to 
even use an approved drive ). Or, maybe you only want read, but no write. You can do that too.

Anyway, hope that helps. I'm sure there are other apps that can do this. I liked DeviceLock when I did my evals.

-----Original Message-----
From: listbounce () securityfocus com [mailto:listbounce () securityfocus com] On Behalf Of Ahmed Khalid
Sent: Sunday, June 01, 2008 11:20 AM
To: focus-ms () securityfocus com
Cc: security-basics () lists securityfocus com
Subject: Deny access to copy files

I am working for a software house, they are developing a software product and their requirement is to restrict 
programmers to take the code out of office premises due to company policy. I am trying to configure a windows based 
machine which denies access to copy files to external storage devices connected to USB. There is an NTFS permission 
"Read + Execute" I guess this could do the work but is there any other way to do it? 

They also don't need programmers to take the code with them in their email.
I can restrict SMTP and POP ports but when it comes to web based emails I am clueless,  How can I restrict web based 
emails like hotmail, gmail, yahoo there are so many of these and if I somehow manage to block all web based email sites 
someone can write a script to send emails, if not a script HTTP tunneling would bypass any checks and bounds defined by 
my proxy/gateway machine. How can I block such thing?

Any help would be highly appreciated.

Ahmed Khalid 

This email, its contents and attachments contain information from j2 Global Communications, Inc. and/or its affiliates 
which may be privileged, confidential or otherwise protected from disclosure. The information is intended to be for the 
addressee(s) only.  If you are not an addressee, any disclosure, copy, distribution, or use of the contents of this 
message is prohibited.  If you have received this email in error please notify the sender by reply e-mail and delete 
the original message and any copies. j2 Global Communications. 6922 Hollywood Blvd., Hollywood, CA 90028.

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]