(E-Mail Removed) wrote:
> Repost: from os.linux.security.
>
> Hello,
>
> I am an assistant to admin that operates on a Linux backbone server
> with Windows XP operating as the GUI for the employers of the company.
>
> The problem is simple:
>
> Our boss wants to protect all his documents/pictures on his server from
> being copied by an employee. Sometimes when an employee leaves the
> company, he or she can just dump 100Gigs of data onto a DVD or USB or
> HD and then run away with vital company information.
>
> How can this be stopped?
>
> A simple solution is to track the amount of data that is moved or copied
> by each logon and simply flag high traffic ones.
>
> Any suggestions or directions?
>
> Thanks all!
>
> Chris

Any information you give the employees access to is information they can
take out the door. You can disable being able to write to CDs and USB mass
storage, but critical information can still be printed to a printer. Are
you going to disable printing for everyone? No. Information can also be
attached to Email and sent. Allow them web access? They can set up a web
server at home and send the info home over encrypted http protocol. Once
you give access to information, it is extremely difficult to prevent a
clever person from getting it out of the company. Yes, you can search every
employee every time they leave the building. Are you going to search every
visitor? But what if your employee wrapped it up in a package and sent it
UPS? Now you have to search every package and letter sent from your
company. Are you going to read every email? Check all web traffic?

This is NOT a Linux Security issue. It is a security issue but it is not
JUST a Linux issue.

You would need to set up a comprehensive security policy that addresses
everything from who sees what to how trash is handled. You then need to set
up procedures and technologies to enforce the policy as best as possible.

In short, information security is a company-wide issue that requires a
company-wide security system that deals with every aspect of the business.
Included in this should be harsh penalties for anyone violating the
security policy.

--
Still waiting for a rational answer from Bittwister to this:
<nfqlo3-(E-Mail Removed)>.
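
The volume-tracking idea from the original question, sketched as an added example that is not part of either post: it sums bytes read per logon per day and flags days far above that user's own baseline. The audit record format, the thresholds and the sample lines are assumptions constructed for illustration.

```python
from collections import defaultdict
from statistics import median

# Constructed sample records (not from the thread): "date user op bytes".
# The format is an assumption; adapt the parser to your file server's audit log.
SAMPLE_LOG = """\
2006-03-01 alice read 120000000
2006-03-01 bob read 300000000
2006-03-02 alice read 150000000
2006-03-02 bob read 280000000
2006-03-02 bob write 50000000
2006-03-03 alice read 90000000
2006-03-03 bob read 310000000
2006-03-06 alice read 104000000000
2006-03-06 bob read 290000000
malformed line
"""

def daily_read_bytes(log_text):
    """Sum bytes read per (user, date); skip lines that do not parse."""
    totals = defaultdict(int)
    for line in log_text.splitlines():
        parts = line.split()
        if len(parts) != 4 or not parts[3].isdigit():
            continue
        date, user, op, size = parts
        if op == "read":  # copying off the server shows up as reads
            totals[(user, date)] += int(size)
    return totals

def flag_high_volume(log_text, ratio=10, floor=1_000_000_000):
    """Flag user-days at or above `floor` bytes that also exceed `ratio`
    times the user's median over their other days (hypothetical thresholds)."""
    per_user = defaultdict(dict)
    for (user, date), n in daily_read_bytes(log_text).items():
        per_user[user][date] = n
    flagged = []
    for user, days in per_user.items():
        for date, n in days.items():
            others = [v for d, v in days.items() if d != date]
            baseline = median(others) if others else 0
            if n >= floor and n > ratio * baseline:
                flagged.append((user, date, n))
    return sorted(flagged)

if __name__ == "__main__":
    for user, date, n in flag_high_volume(SAMPLE_LOG):
        print(f"{date} {user} read {n / 1e9:.1f} GB")
```

This only surfaces bulk reads from the server; printing, e-mail attachments and web uploads, which the reply lists, never appear in a file-access log.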