new computer for security


  • new computer for security

    Yesterday when I arrived at work I was told that the contract for the client company receptionist had not been renewed. Twenty minutes later a person carrying a computer on a hand-truck.

    This IT person (a client employee) set us up with a wireless antenna connection from the guard-shack to the main building. He gave me the "username" and "password" information to be able to log-on.

    After he left I was looking for a directory to create a "guards" folder. There were existing "short-cuts" to "my computer", "web-mail" and others.

    I was in the "my computer" area and realized there were a lot of folders/files there that contained costs for their operation. Yes; costs and schedules and percentages of profit! I have to say I was amazed that a "blue chip" company would do this without making an effort to "sanitize" the computer.

    Does anyone think this would normally be a major problem for the "tech" who did the installation? What procedure should we use so as to inform someone but not embarrass the "tech"?

  • #2
    Why is everyone always wanting to do things so that others won't get embarrassed/in trouble? I know it's polite, but if you guys (security) did the equivalent of that, you'd be in trouble in a heartbeat. I know no one wants to be mean, but it was the guy's job, he should know how to do it.



    • #3
      It's possible they just aren't very computer savvy. I worked for a company once that left the info for the management bonuses (workers didn't get any) unprotected. But since the IT guy at the time thought Windows 3.1 was just fine and didn't see need to upgrade to Windows 95, I wasn't too surprised.



      • #4
        Even in "My Computer" you could actually be looking at folders residing on another system and mapped to this one.

        Either way, though, this is obviously a major breach that must be called to someone's attention.

        As I see it, you have two choices. The one most "sensitive" to the future employment of this IT tech would be to contact him directly and give him a chance to rectify the situation. The other would be to notify your site supervisor (unless that's you), who would decide how to handle it. The one thing I would strongly advise you not do is to discuss this with other officers. Perhaps not legally, but in a moral and professional sense, you are now responsible for protecting the information from improper access on this computer at least to the point that you don't blab it all over the place. It's no different from if you happened to find the company's ledgers in the parking lot.

        Oh, and by the way...don't access these files again yourself, either. They are obviously confidential, and also you don't want to lay yourself open to any possible problems such as a claim that the files were altered, etc. We sometimes have to deal with a similar situation in digital forensics in corporate settings, such as looking at private emails. As soon as we realize that we have accessed something where there's a "reasonable expectation of privacy" having nothing to do with our investigation, we have to back out of it and avoid accessing it again.
        Last edited by SecTrainer; 03-08-2009, 04:42 PM.
        "Every betrayal begins with trust." - Brian Jacques

        "I can't predict the future, but I know that it'll be very weird." - Anonymous

        "There is nothing new under the sun." - Ecclesiastes 1:9

        "History, with all its volumes vast, hath but one page." - Lord Byron



        • #5
          Originally posted by SecTrainer
          Even in "My Computer" you could actually be looking at folders residing on another system and mapped to this one.

          Either way, though, this is obviously a major breach that must be called to someone's attention.

          As I see it, you have two choices. The one most "sensitive" to the future employment of this IT tech would be to contact him directly and give him a chance to rectify the situation. The other would be to notify your site supervisor (unless that's you), who would decide how to handle it. The one thing I would strongly advise you not do is to discuss this with other officers. Perhaps not legally, but in a moral and professional sense, you are now responsible for protecting the information from improper access on this computer at least to the point that you don't blab it all over the place. It's no different from if you happened to find the company's ledgers in the parking lot.

          Oh, and by the way...don't access these files again yourself, either. They are obviously confidential, and also you don't want to lay yourself open to any possible problems such as a claim that the files were altered, etc. We sometimes have to deal with a similar situation in digital forensics in corporate settings, such as looking at private emails. As soon as we realize that we have accessed something where there's a "reasonable expectation of privacy" having nothing to do with our investigation, we have to back out of it and avoid accessing it again.
          Since this happened I have found out the full name of the employee. Because I have sent e-mails to the company before from my home computer I know the "format" for the e-mail so I can and will alert him to the problem. I believe that he is scheduled for vacation next week and was rushing.

          What I was really thinking was that because of my accessing (and somehow having it show up on the record) it would be something to have to explain later.



          • #6
            Originally posted by sec-guy
            What I was really thinking was that because of my accessing (and somehow having it show up on the record) it would be something to have to explain later.
            Yes - users accessing the files might be logged depending on whether they actually are coming from a server, and in any event opening a file stored on the local system changes the time stamps in Windows, so it could be shown presumptively that the files were accessed while you had control of the computer.

            Obviously, you stumbled across the files initially and I don't see how you can be faulted for browsing a new computer to familiarize yourself with it. It would almost be strange if you hadn't done so. However, further accesses of these files once you know they're confidential could be problematic for you so it's best to protect yourself. One of those "avoiding the appearance of evil" things.