[ZendTo] Antwort: Re: Antwort: Re: Security Issue - Data Leakage Prevention
patrick.gaikowski at kaufland.com
Thu Mar 1 11:27:28 GMT 2012
Hi Jules,
USB is prohibited in our company and personal network storage services like Dropbox
etc. are blocked because of the content filter.
Users from the company who have the right in LDAP should upload files to
anywhere they want. There is a workflow behind requesting this right.
But my focus is if a user does not have the right to log in. In this case he
makes a drop-off to his own address in the company, because freemail addresses
are also blocked because of the content filter.
Is there a possibility to check the email in verify.php if the user is
unregistered?
Mit freundlichen Grüßen / Best regards
Patrick Gaikowski
Tel: +49 7132 94 3568
Fax: +49 7132 94 73568
E-Mail: patrick.gaikowski at kaufland.com
KI 967850: IT International / IT Governance / Network Design and
IT Security
Office:
Lindichstrasse 11
D-74189 Weinsberg
http://www.kaufland.de
http://www.spannende-it.de
We are No. 1:
Kaufland is "Best Grocery Store 2011"!
Kaufland Informationssysteme GmbH & Co. KG
Postfach 12 53 - 74149 Neckarsulm
Limited partnership
Registered office: Neckarsulm
Court of registration: Stuttgart HRA 104163
From: Jules <Jules at zend.to>
Sent by: zendto-bounces at zend.to
To: ZendTo Users <zendto at zend.to>
Date: 01.03.2012 12:18
Subject: [ZendTo] Re: Antwort: Re: Security Issue - Data Leakage Prevention
Please reply to: ZendTo Users <zendto at zend.to>
On 01/03/2012 11:04, patrick.gaikowski at kaufland.com wrote:
Hello Jules,
Yes, I mean someone working for my company.
My idea would be some kind of "blacklist" for email domains used in
unregistered dropoff. Is there a possibility to implement it?
I don't quite see why this is only a problem with "unregistered users", by
which I guess you mean people from your own company who haven't logged in?
People who have logged in will be able to do the same.
Note that ZendTo does log the IP address a drop-off came from, so you would
be able to see who had done it by looking through your logs.
Why doesn't the user just copy it onto a USB stick that they have in their
pocket? Surely that's simpler? Or upload it to any of the various free
cloud storage services there are (such as Dropbox, Evernote, iCloud,
SkyDrive, etc etc)?
Jules.
What other things can I do, not to prevent it completely, but
decrease the possibility?
Mit freundlichen Grüßen / Best regards
Patrick Gaikowski
From: Jules <Jules at zend.to>
Sent by: zendto-bounces at zend.to
To: ZendTo Users <zendto at zend.to>
Date: 01.03.2012 10:25
Subject: [ZendTo] Re: Security Issue - Data Leakage Prevention
Please reply to: ZendTo Users <zendto at zend.to>
By "unregistered user" do you mean someone who works for your
company? If so, ZendTo won't stop them stealing files from your
company. No-one can stop that unless you cavity search your employees
at the end of each working day.
Jules.
On 29/02/2012 17:06, patrick.gaikowski at kaufland.com wrote:
Hello Jules,
one of my colleagues pointed a scenario out where he could
upload a file to outside the company without rights to do it.
For us it is a big security issue!
1.) unregistered user clicks on Drop-Off and sends an email to
his company email address
2.) unregistered user uploads a file from company network to
his own company email address
3.) unregistered user forwards the upload information to his
private email address from Mail Client
4.) unregistered user picks up the file from his private PC
My question is whether it is possible to exclude the company email
domains, as defined in preferences.conf, from getting an
upload link to corporate email without authorization?
Mit freundlichen Grüßen / Best regards
Patrick Gaikowski
_______________________________________________
ZendTo mailing list
ZendTo at zend.to
http://mailman.ecs.soton.ac.uk/mailman/listinfo/zendto
Jules
--
Julian Field MEng CITP CEng
www.Zend.To
Follow me at twitter.com/JulesFM
PGP footprint: EE81 D763 3DB0 0BFD E1DC 7222 11F6 5947 1415 B654
'It's okay to live without all the answers' - Charlie Eppes, 2011
'All programs have a desire to be useful' - Tron, 1982
'That is the land of lost content,
I see it shining plain,
The happy highways where I went,
And cannot come again.' - A.E. Houseman