Slashdot is powered by your submissions, so send in your scoop

 



Forgot your password?
typodupeerror

Comment Re:Perspectives (Score 4, Interesting) 782

LOL. We're not injecting anything.

We've got a Microsoft Enterprise PKI.

Our own Root CA, Policy CA, and Issuing CA.

All of the machines that are joined to our domain are company-owned workstations and servers.

The Local & Personal Certificate Stores are controlled through Group Policy.

All of our workstations have our internal root certificate already on the machines, and all of our workstations and servers explicitly trust our root certificate.

Again: Our stuff. Our network. Our data. You have no privacy.

If employees stopped conducting themselves like they thought they had privacy while they were surfing the net while they were at work they wouldn't be so shocked and amazed when they find out they have none.

Comment Re:Perspectives (Score 2) 782

Not saying I disagree with anything you've written, but the courts have stated an employee has an implicit expectation of privacy while reading their blackberry sitting on the toilet.

However, they have none while they're surfing the net.

There is a distinct difference than an employer installing a video camera in the bathrooms than installing technical controls to fulfill their fiduciary and regulatory responsibilities to protect their trade secrets and other company data.

Comment Re:Perspectives (Score 1, Interesting) 782

Well for starters, most of that work is done by our compliance folks. The group that I'm in just manages the infrastructure.

I'm fairly confident thought that spreadsheets would easily be detectable provided the information wasn't encrypted within the spreadsheets.

Most of the alerts are generated by folks themselves doing personal business while at work.

As for the stuff we might not be able to detect - again - encryption is key (pun intended).

But in all honesty a lot depends on the data classification, which is set by the data owner.

Confidential data is supposed to be encrypted while the data is at rest and while it's in motion.

In that regard the data leakage products aren't going to see it.

(Yes I know a malicious actor could just as easily encrypt our own precious data and send it to themselves undetected.)

Look, security is a balancing act. A company could make their network more secure than it is but no work could get done if they did. No company can be expected to plug all the holes that might exist, but you look for the highest risks with the largest impacts and you mitigate those risks accordingly.

Slashdot Top Deals

Genius is ten percent inspiration and fifty percent capital gains.

Working...