Options
hotmail security
amyamandaallen
Member Posts: 316
in Off-Topic
Hi,
This has either been asked a million imes before or this simply cannot be done.
Working in a financial industry we try to be as careful as we can with dataflow out of the building. ISA Firewall locking down pretty much everything, no access to c: drives, no usb, no cd roms, achived email of everything sent from any of our staff ( if needed ), internet usage etc...
However one thing that we have an issue with is the internet. We need this running for quite a number of staff as theres lots of research etc. This of course leaves us open to users being able to log onto hotmail ( and a thousand other webmail type accounts ) and can possibly leek company info out either cut and pasted or as an attachment.
Is there any way we can monitor what goes out the building if needed? or being able to block attachments from being sent? I presume this also sets of some civil rights alarm bells too?
Any thoughts you security specialists?
Cheers
Amy
This has either been asked a million imes before or this simply cannot be done.
Working in a financial industry we try to be as careful as we can with dataflow out of the building. ISA Firewall locking down pretty much everything, no access to c: drives, no usb, no cd roms, achived email of everything sent from any of our staff ( if needed ), internet usage etc...
However one thing that we have an issue with is the internet. We need this running for quite a number of staff as theres lots of research etc. This of course leaves us open to users being able to log onto hotmail ( and a thousand other webmail type accounts ) and can possibly leek company info out either cut and pasted or as an attachment.
Is there any way we can monitor what goes out the building if needed? or being able to block attachments from being sent? I presume this also sets of some civil rights alarm bells too?
Any thoughts you security specialists?
Cheers
Amy
Remember I.T. means In Theory ( it should works )
Comments
-
Options
dave0212
Member Posts: 287
I am unaware of being able to monitor copy and paste but would recommend implementing some web surfing control program i.e WebSweeper to prevent web mail accessThis week I have achieved unprecedented levels of unverifiable productivity
Working on
Learning Python and OSCP -
Optionsliven
Member Posts: 918
I agree, monitoring the copy and paste thing would be extremely difficult.
However if you block webmail applications it is a start.
We have employed:
squid,
webwasher
websense
bluecoats
These are all proxys ore web content filtering systems.
They can also work with subscription services such as smartfilter.
Start by blocking all webmail, and anonymous proxies, then from there you can start watching logs and see what else needs to be blocked. Most of these tools have very robust reporting capabilities so you can really see what needs attention.encrypt the encryption, never mind my brain hurts. -
Options
Kasor
Member Posts: 933 ■■■■□□□□□□
Websense will be a good solution for you. However, I don't record anything to monitor copy/paste. I have to check.Kill All Suffer T "o" ReBorn -
Options
blargoe
Member Posts: 4,174 ■■■■■■■■■□
There is a Microsoft app called Windows Rights Management Service that might be up your alley. I've never used it personally, but I think the author can prevent copy/cut/paste/modify/forward as attachment, etc.
http://www.microsoft.com/windowsserver2003/evaluation/overview/technologies/rmenterprise.mspxIT guy since 12/00
Recent: 11/2019 - RHCSA (RHEL 7); 2/2019 - Updated VCP to 6.5 (just a few days before VMware discontinued the re-cert policy...)
Working on: RHCE/Ansible
Future: Probably continued Red Hat Immersion, Possibly VCAP Design, or maybe a completely different path. Depends on job demands... -
Optionsdatchcha
Member Posts: 265
Kasor wrote:Websense will be a good solution for you. However, I don't record anything to monitor copy/paste. I have to check.
Websense would be great for this, and use it as a proxy. I would also create a AD group and disabled the end users ability to uncheck "Automatically Detect Proxy Settings" under IE.
I currently deploy and implement Websense integrated with AD and an Cisco ASA firewall. I have pretty much every mainstream email client locked down. I also perform captures with wireshark to look for anything that would flag my attention as being an web email app.Arrakis -
Optionstechgeek07
Member Posts: 42 ■■□□□□□□□□
alright, somewhat over-stepping my bounds here... but, if you don't want to spend more money or pc resources (it sounds like your probably already running alot in the background), why not, modify the host files to block the commonly used e-mail sites and push it out through log in script? Granted, I work for a non-prof right now and don't have much money, so I try to do things as cheaply as possible.Please excuse any spelling errors, I speak well, but, write like a five year old
-
Optionsseuss_ssues
Member Posts: 629
dave0212 wrote:I am unaware of being able to monitor copy and paste but would recommend implementing some web surfing control program i.e WebSweeper to prevent web mail access
Thats not really that difficult. Setup a machine to sniff the network traffic as it goes out. As long as its not encrypted then you are good to go.
