[ZendTo] Antwort: Re: Security Issue - Data Leakage Prevention

patrick.gaikowski at kaufland.com patrick.gaikowski at kaufland.com
Thu Mar 1 11:04:15 GMT 2012 

Hello Jules,

yes i mean someone working for my company.

My idea would be some kind of "blacklist" for email domains used in
unregistered dropoff. Is there a possibility to implement it?

What other things can a do, not to prevent it completely, but decrease the
possibility.

Mit freundlichen Grüßen / Best regards

Patrick Gaikowski
Tel:     +49 7132 94 3568
Fax:    +49 7132 94 73568
E-Mail: patrick.gaikowski at kaufland.com
KI 967850: IT International / IT Governance / Netzwerk Design und
IT-Sicherheit
Office:
Lindichstrasse 11
D-74189 Weinsberg



http://www.kaufland.de
http://www.spannende-it.de
Wir sind die Nr. 1:
Kaufland ist "Bester Lebensmittelmarkt 2011"!

Kaufland Informationssysteme GmbH & Co. KG
Postfach 12 53 - 74149 Neckarsulm
Kommanditgesellschaft
Sitz: Neckarsulm
Registergericht: Stuttgart HRA 104163







                                                                           
   Jules <Jules at zend.to>                                                   
   Gesendet von:                                                           
   zendto-bounces at zend.to                                                  
                                       ZendTo Users <zendto at zend.to>       
                                                                           
   01.03.2012 10:25                                                        
                                                                     Thema 
                                       [ZendTo] Re: Security Issue - Data  
             Bitte antworten           Leakage Prevention                  
             an                                                            
             ZendTo Users                                                  
             <zendto at zend.to>                                              
                                                                           
                                                                           
                                                                           




By "unregistered user" do you mean someone who works for your company? If
so, ZendTo won't stop them stealing files from your company. No-one can
stop that unless you cavity search your employees at the end of each
working day.

Jules.

On 29/02/2012 17:06, patrick.gaikowski at kaufland.com wrote:


      Hallo Jules,

      one of my colleagues pointed a scenario out where he could upload a
      file to outside the company without rights to do it.

      For us it is a big security issue!

      1.) unregistered user clicks on Drop-Off and sends an email to his
      company email address
      2.) unregistered user uploads a file from company network to his own
      company email address
      3.) unregistered user forwards the upload information to his private
      email address from Mail Client
      4.) unregistered user Picks up the file from his private PC

      My question is, if it is possible to exclude the company email
      domains, like defined in preferences.conf, from getting an upload
      link to corporate email without Authorization?

      Mit freundlichen Grüßen / Best regards

      Patrick Gaikowski
      Tel:     +49 7132 94 3568
      Fax:    +49 7132 94 73568
      E-Mail: patrick.gaikowski at kaufland.com
      KI 967850: IT International / IT Governance / Netzwerk Design und
      IT-Sicherheit
      Office:
      Lindichstrasse 11
      D-74189 Weinsberg


      http://www.kaufland.de
      http://www.spannende-it.de
      Wir sind die Nr. 1:
      Kaufland ist "Bester Lebensmittelmarkt 2011"!

      Kaufland Informationssysteme GmbH & Co. KG
      Postfach 12 53 - 74149 Neckarsulm
      Kommanditgesellschaft
      Sitz: Neckarsulm
      Registergericht: Stuttgart HRA 104163









      _______________________________________________
      ZendTo mailing list
      ZendTo at zend.to
      http://mailman.ecs.soton.ac.uk/mailman/listinfo/zendto

Jules

--
Julian Field MEng CITP CEng
www.Zend.To

Follow me at twitter.com/JulesFM
PGP footprint: EE81 D763 3DB0 0BFD E1DC 7222 11F6 5947 1415 B654

'It's okay to live without all the answers' - Charlie Eppes, 2011
'All programs have a desire to be useful' - Tron, 1982
'That is the land of lost content,
 I see it shining plain,
 The happy highways where I went,
 And cannot come again.' - A.E. Houseman
_______________________________________________
ZendTo mailing list
ZendTo at zend.to
http://mailman.ecs.soton.ac.uk/mailman/listinfo/zendto
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mailman.ecs.soton.ac.uk/pipermail/zendto/attachments/20120301/8fb40496/attachment-0001.html 
-------------- next part --------------
A non-text attachment was scrubbed...
Name: graycol.gif
Type: image/gif
Size: 105 bytes
Desc: not available
Url : http://mailman.ecs.soton.ac.uk/pipermail/zendto/attachments/20120301/8fb40496/attachment-0002.gif 
-------------- next part --------------
A non-text attachment was scrubbed...
Name: ecblank.gif
Type: image/gif
Size: 45 bytes
Desc: not available
Url : http://mailman.ecs.soton.ac.uk/pipermail/zendto/attachments/20120301/8fb40496/attachment-0003.gif

More information about the ZendTo mailing list