hotmail security

amyamandaallen

Hi,

This has either been asked a million imes before or this simply cannot be done.

Working in a financial industry we try to be as careful as we can with dataflow out of the building. ISA Firewall locking down pretty much everything, no access to c: drives, no usb, no cd roms, achived email of everything sent from any of our staff ( if needed ), internet usage etc...

However one thing that we have an issue with is the internet. We need this running for quite a number of staff as theres lots of research etc. This of course leaves us open to users being able to log onto hotmail ( and a thousand other webmail type accounts ) and can possibly leek company info out either cut and pasted or as an attachment.

Is there any way we can monitor what goes out the building if needed? or being able to block attachments from being sent? I presume this also sets of some civil rights alarm bells too?

Any thoughts you security specialists?

Cheers

Amy

dave0212

I am unaware of being able to monitor copy and paste but would recommend implementing some web surfing control program i.e WebSweeper to prevent web mail access

liven

I agree, monitoring the copy and paste thing would be extremely difficult.

However if you block webmail applications it is a start.

We have employed:

squid,
webwasher
websense
bluecoats

These are all proxys ore web content filtering systems.

They can also work with subscription services such as smartfilter.

Start by blocking all webmail, and anonymous proxies, then from there you can start watching logs and see what else needs to be blocked. Most of these tools have very robust reporting capabilities so you can really see what needs attention.

Kasor

Websense will be a good solution for you. However, I don't record anything to monitor copy/paste. I have to check.

blargoe

There is a Microsoft app called Windows Rights Management Service that might be up your alley. I've never used it personally, but I think the author can prevent copy/cut/paste/modify/forward as attachment, etc.

http://www.microsoft.com/windowsserver2003/evaluation/overview/technologies/rmenterprise.mspx

datchcha

Kasor wrote:

Websense will be a good solution for you. However, I don't record anything to monitor copy/paste. I have to check.

Websense would be great for this, and use it as a proxy. I would also create a AD group and disabled the end users ability to uncheck "Automatically Detect Proxy Settings" under IE.

I currently deploy and implement Websense integrated with AD and an Cisco ASA firewall. I have pretty much every mainstream email client locked down. I also perform captures with wireshark to look for anything that would flag my attention as being an web email app.

techgeek07

alright, somewhat over-stepping my bounds here... but, if you don't want to spend more money or pc resources (it sounds like your probably already running alot in the background), why not, modify the host files to block the commonly used e-mail sites and push it out through log in script? Granted, I work for a non-prof right now and don't have much money, so I try to do things as cheaply as possible.

seuss_ssues

dave0212 wrote:

I am unaware of being able to monitor copy and paste but would recommend implementing some web surfing control program i.e WebSweeper to prevent web mail access

Thats not really that difficult. Setup a machine to sniff the network traffic as it goes out. As long as its not encrypted then you are good to go.