Thought I would forward the below onto the list. Not sure if we have a
university policy in place to adequately address this sort of security
hole.
-----Original Message-----
From: [log in to unmask] [mailto:[log in to unmask]] On Behalf
Of Jeremy Moskowitz
Sent: Tuesday, May 25, 2010 3:10 PM
To: Al Puzzuoli
Subject: GPanswers.com: Scared the pants off of me
Now that I've got your attention with that festive image..
I came across this little piece of reporting by CBS news.
I have to admit.. I was totally caught off guard by this one.
Seems "gobsmackingly obvious" now that I think about it. But I never
did.
This is a report on how all the major brands of copiers STORE the images
on local hard drives. Making it SUPER EASY for the bad guys to get your
(recycled) copiers and get your important corporate data. Watch this,
then, please, figure out who to contact in your company and decide HOW
your copy machines are recycled.
https://moskowitzinc.infusionsoft.com/link/2fe750dfe0/b28720
What else can you do? Well, from a Group Policy perspective, on our
Windows PCs (and not copy machines) here are three ideas:
Idea 1:
Computer Configuration | Policies | Administrative Templates ... |
System | File System | Enable NTFS pagefile encryption
Idea 2:
"Clear Page File at Shutdown"...
Check out http://support.microsoft.com/kb/314834
(not a group policy setting, but can be delivered as a registry
preference.)
PS: This one likely wouldn't beat the forensics apps, but it's better
than nothing.
Idea 3:
You could of course, go "Full disk encryption" like BitLocker or
TrueCrypt.. that would do the trick as well.
So, that's three things to at least CONSIDER in thoughts around this
problem for high security machines that COULD be recycled. True.. I've
seen companies that literally "shred" the drives in a big "drive
cruncher machine".. but, that seems extreme considering there are
software solutions to this very problem.
Note, of course, that enabling these items could slow down your system
(especially that second one at shutdown time.) But it might be worth it
depending on the situation. For what it's worth, I'm using BitLocker on
one machine, TrueCrypt on another and notice no appreciable slowdown.
Speaking of security, and "doing all you can" to thwart the bad guys...
I'm doing my weekly PolicyPak demonstration tomorrow at 2.00 PM Eastern.
If you want "extra thumbscrews" to ensure that your security is
maintained at all times, then join me for this free informative talk.
Here's the link:
www.policypak.com/demo
Thanks.
PS: And my pants are already back on, thank you very much.
Jeremy Moskowitz
GPanswers.com (Group Policy Community)
PolicyPak.com (PolicyPak Software)
-Remove from Newsletter
https://moskowitzinc.infusionsoft.com/opt?o=6&i=148&m=85088&e=f8758e79
PolicyPak Software / GPanswers.com / Moskowitz, inc. 215 Christian
Street Philadelphia, PA 19147 United States
|