RE: off-premise laptops

["Paul Melson" <pmelson () gmail com>]

-----Original Message-----
Subject: off-premise laptops

> That anyone offsite could be able to access,and add,an admin acct to a
laptop is just beyond me.

Give it a couple more years, you'll eventually get jaded to the point that
your reaction goes from disbelief to mere frustration, and eventually you
just expect it.


> surely everyone has heard of vpn's or dummy terminals.Or even virtual
streaming by now.

Surely. :)


> OK rant out of the way,how could that be improved upon,without locking out
the people on the helpdesk or 
> desk admin set,and still make the laptop itself,secure,without making it a
dummy that had to dial-in?

Physical access is game over.  Period.  There are some things you can do to
a laptop (full-disk encryption, BIOS passwords, etc.) to make it difficult
to compromise, but if an authorized user is a willing accomplice and/or the
attacker has the necessary knowledge, there's nothing* you can do to the
laptop to prevent this type of thing from happening.

PaulM

* Nothing that leaves the laptop in a usable state for the employee that
needs it to work, at least.


------------------------------------------------------------------------
This List Sponsored by: Cenzic

Need to secure your web apps?
Cenzic Hailstorm finds vulnerabilities fast.
Click the link to buy it, try it or download Hailstorm for FREE.
http://www.cenzic.com/products_services/download_hailstorm.php?camp=701600000008bOW
------------------------------------------------------------------------