Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Security-Basics
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Laptop use in the Wild

from [sec sam] Network Security [Permanent Link]
Subject: Laptop use in the Wild
Date: Thu, 8 Feb 2007 10:09:25 -0600 
Hello Group,
I know this is old hat for many of you, I am looking for insight on
how I might approach roadblocks to laptop use out in the wild?

The issue is tough because of the cultural change it represents
towards remote computing in the organization, and the desktop groups
tremendous resistance to opening this up. There is good reason to be
concerned and to carefully way the risks but I have to believe that
the level of risk has been managed enough since so many others have
this as a "normal" part of business.

To date policy states "devices are not to connect to other networks"-
dial-up only

One limited test requires re-imaging the machine before allowing it
back on the network. I am not sure what this test is intended to show,
except maybe to prove that there is likely a more efficient way.

I find it frustrating because I know that this service can be provided
and in a "relatively" safe manner- . Some of the components in place
include two factor authentication, drive encryption, ssl/vpn and other
software such as AV and antispyware.  Still evaluating desktop
firewall solutions though.

My problem is that I am not an expert with our ssl/vpn (but will
consult with the vendor) and my level of expertise in the areas of
desktop configuration (mapping or syncing my docs, reg settings etc)
is such that I rely on the desktop groups input, which quite frankly
seems a bit tenuous. Admittedly we also need to learn about the role
of desktop firewall software in this. All while providing a relatively
problem free experience for the user.

Does anyone know of a good white paper or other documentation on
strategies for rolling this type of service out?  A discussion of the
risks as well as high level of SSL/VPN and desktop configuration.
Something that possibly provides different strategies to consider.

Personally, I would like to permit users the ability to configure
connection to a wired or wireless network in the wild, but still
require the client connect through the SSL/vpn before being able to
get anywhere on the internet- or to our companies resources. Maybe I
ask too much.


Thanks for your input.
Samara

[More messages with this same subject...]




<Prev in Thread] Current Thread [Next in Thread>
  • Laptop use in the Wild, sec sam <=
Previous by Date:  measuring performance impact, Saqib Ali
Next by Date:  Yes, trying to hack a remote control, Brian Kerley
Previous by Thread:  measuring performance impact, Saqib Ali
Next by Thread:  Yes, trying to hack a remote control, Brian Kerley
Indexes:  [Date] [Thread] [Top] [All Lists]