how to prevent data/informations on production environment?

  • Thread starter Thread starter Andreiu U.
  • Start date Start date
A

Andreiu U.

There's a new policy available for Win XP SP2.
The new policy is set in the Registry i
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\StorageDevicePolicies
as a DWORD named WriteProtect. When set to 1, all USB removable drive
are write-protected. When set to 0 (or when the DWORD entry is remove
entirely), USB drives can once again be written to. This is
machine-level setting and not a user-level setting.

Andrei Ungureanu
www.eventid.net
Free Windows event logs reports
http://www.altairtech.ca/evlog/

*The management which concern that when staff resigned,
Who robbed some important data such as Email, documents, etc...,
(write to their portable devices(USB memory, portable USB HD))~
Any suggestions to prevent this issues ??

I had tried to using the EFS & Auditing the object access for thi
purpose
but it 's inconveniently to management~
Pls give some advices ~

Thanks in advance~
Clinf
Click to expand...


-
Andreiu U
 
The management which concern that when staff resigned,
Who robbed some important data such as Email, documents, etc...,
(write to their portable devices(USB memory, portable USB HD))~
Any suggestions to prevent this issues ??

I had tried to using the EFS & Auditing the object access for this purpose
but it 's inconveniently to management~
Pls give some advices ~

Thanks in advance~
Clinf
 
Clinf said:
The management which concern that when staff resigned,
Who robbed some important data such as Email, documents, etc...,
(write to their portable devices(USB memory, portable USB HD))~
Any suggestions to prevent this issues ??

I had tried to using the EFS & Auditing the object access for this purpose
but it 's inconveniently to management~
Click to expand...

Tough (for them.)

Security is practically always a trade-off with CONVENIENCE.

If you lock your door (car, home, etc.) then you must
carry and use your key to get in. Less convenient.

If you add more entrances to a building (during construction
or modification) you offer more targets for attack by thieves
etc.

This latter idea is called "attack surface" in network and
systems security.

EFS is one approach and should offer practially no significant
inconveniences.

In some sense you can never be fully protected from ROGUE
ADMINS nor from users who misuse date which they control.

(Barring some sort of secure building, CIA-like setup.)
 
Back
Top