From: Paul Melson (pmelson@gmail.com)
Date: Thu Oct 26 2006 - 10:49:27 EDT
-----Original Message-----
Subject: off-premise laptops
> That anyone offsite could be able to access,and add,an admin acct to a
laptop is just beyond me.
Give it a couple more years, you'll eventually get jaded to the point that
your reaction goes from disbelief to mere frustration, and eventually you
just expect it.
> surely everyone has heard of vpn's or dummy terminals.Or even virtual
streaming by now.
Surely. :)
> OK rant out of the way,how could that be improved upon,without locking out
the people on the helpdesk or
> desk admin set,and still make the laptop itself,secure,without making it a
dummy that had to dial-in?
Physical access is game over. Period. There are some things you can do to
a laptop (full-disk encryption, BIOS passwords, etc.) to make it difficult
to compromise, but if an authorized user is a willing accomplice and/or the
attacker has the necessary knowledge, there's nothing* you can do to the
laptop to prevent this type of thing from happening.
PaulM
* Nothing that leaves the laptop in a usable state for the employee that
needs it to work, at least.
------------------------------------------------------------------------
This List Sponsored by: Cenzic
Need to secure your web apps?
Cenzic Hailstorm finds vulnerabilities fast.
Click the link to buy it, try it or download Hailstorm for FREE.
http://www.cenzic.com/products_services/download_hailstorm.php?camp=701600000008bOW
------------------------------------------------------------------------
This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:57:14 EDT