[ZendTo] Security Issue - Data Leakage Prevention

patrick.gaikowski at kaufland.com patrick.gaikowski at kaufland.com
Wed Feb 29 17:06:25 GMT 2012



Hallo Jules,

one of my colleagues pointed a scenario out where he could upload a file to
outside the company without rights to do it.

For us it is a big security issue!

1.) unregistered user clicks on Drop-Off and sends an email to his company
email address
2.) unregistered user uploads a file from company network to his own
company email address
3.) unregistered user forwards the upload information to his private email
address from Mail Client
4.) unregistered user Picks up the file from his private PC

My question is, if it is possible to exclude the company email domains,
like defined in preferences.conf, from getting an upload link to corporate
email without Authorization?

Mit freundlichen Grüßen / Best regards

Patrick Gaikowski
Tel:     +49 7132 94 3568
Fax:    +49 7132 94 73568
E-Mail: patrick.gaikowski at kaufland.com
KI 967850: IT International / IT Governance / Netzwerk Design und
IT-Sicherheit
Office:
Lindichstrasse 11
D-74189 Weinsberg


http://www.kaufland.de
http://www.spannende-it.de
Wir sind die Nr. 1:
Kaufland ist "Bester Lebensmittelmarkt 2011"!

Kaufland Informationssysteme GmbH & Co. KG
Postfach 12 53 - 74149 Neckarsulm
Kommanditgesellschaft
Sitz: Neckarsulm
Registergericht: Stuttgart HRA 104163




-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mailman.ecs.soton.ac.uk/pipermail/zendto/attachments/20120229/7d9a0aef/attachment.html 


More information about the ZendTo mailing list