You would know that, too, wouldn't you? Roger ------------------------------------------------------ Roger D. Seielstad - MCSE Sr. Systems Administrator Inovis - Formerly Harbinger and Extricity Atlanta, GA
> -----Original Message----- > From: Ed Crowley [mailto:[EMAIL PROTECTED]] > Sent: Tuesday, December 17, 2002 1:03 AM > To: Exchange Discussions > Subject: RE: Securing the OWA Kiosk > > > Don't sell yourself short. You're a technical pr!ck. > > Ed Crowley MCSE+I MVP > Technical Consultant > hp Services > "There are seldom good technological solutions to > behavioral problems." > > > -----Original Message----- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED]] On Behalf > Of Roger Seielstad > Sent: Monday, December 16, 2002 5:29 AM > To: Exchange Discussions > Subject: RE: Securing the OWA Kiosk > > > Nah - I'm a completely non-technical pr!ck. > > Or as another sysadmin here has been known to say - > technology misapplied. > > ------------------------------------------------------ > Roger D. Seielstad - MCSE > Sr. Systems Administrator > Inovis - Formerly Harbinger and Extricity > Atlanta, GA > > > > -----Original Message----- > > From: William Lefkovics > [mailto:[EMAIL PROTECTED]] > > Sent: Friday, December 13, 2002 10:57 PM > > To: Exchange Discussions > > Subject: RE: Securing the OWA Kiosk > > > > > > > > Ah... a technical solution for a behavioral problem. > There sure are > > lots of those. > > > > William > > > > > > -----Original Message----- > > From: [EMAIL PROTECTED] > > [mailto:[EMAIL PROTECTED]] On > Behalf Of Roger > > Seielstad > > Sent: Friday, December 13, 2002 7:10 AM > > To: Exchange Discussions > > > > We have plenty of people who would ditch Outlook > entirely in that > > scenario - even AT their desks. Not gonna happen on > my watch. > > > > Not to mention, sooner or later they'd get really > pissed having to use > > the SecurID keyfob to log into their email. > > > > > ------------------------------------------------------ > > Roger D. Seielstad - MCSE > > Sr. Systems Administrator > > Inovis - Formerly Harbinger and Extricity > > Atlanta, GA > > > > > > > -----Original Message----- > > > From: William Lefkovics > [mailto:[EMAIL PROTECTED]] > > > Sent: Friday, December 13, 2002 9:44 AM > > > To: Exchange Discussions > > > Subject: RE: Securing the OWA Kiosk > > > > > > > > > > > > You're such an email nazi. ;o) > > > > > > I used to use OWA when away from my desk elsewhere > in the office. > > > > > > William > > > > > > > > > -----Original Message----- > > > From: [EMAIL PROTECTED] > > > [mailto:[EMAIL PROTECTED]] On > Behalf Of Roger > > > Seielstad > > > Sent: Friday, December 13, 2002 5:44 AM > > > To: Exchange Discussions > > > > > > I don't support OWA via VPN - if you're VPN'ed in, > use Outlook. In > > > fact, I've IP-limited OWA to external users only. > We provide Outlook > > > for a reason > > > - we expect it to be used. > > > > > > As I said before, we do secure OWA with a > multi-factor one time use > > > authentication system (RSA's SecurID) which works > well. > > > > > > > ------------------------------------------------------ > > > Roger D. Seielstad - MCSE > > > Sr. Systems Administrator > > > Inovis - Formerly Harbinger and Extricity > > > Atlanta, GA > > > > > > > > > > -----Original Message----- > > > > From: Martin, Jon [mailto:[EMAIL PROTECTED]] > > > > Sent: Thursday, December 12, 2002 1:38 PM > > > > To: Exchange Discussions > > > > Subject: RE: Securing the OWA Kiosk > > > > > > > > > > > > Mark, > > > > > > > > Thanks - interesting audit. If we decide to go > forward with > > > > allowing non-VPN clients access to Outlook we > will take a closer > > > > look at the product. Is > > > > anyone aware of similar products? > > > > > > > > A question for the group on a related topic: is > it common practice > > > > to allow non-VPN clients to access Outlook via > OWA, or do most > > > > companies require at > > > > least a VPN connection? > > > > > > > > Jon > > > > > > > > -----Original Message----- > > > > From: Mark Rotman [mailto:[EMAIL PROTECTED]] > > > > Sent: Thursday, December 12, 2002 9:52 AM > > > > To: Exchange Discussions > > > > Subject: RE: Securing the OWA Kiosk > > > > > > > > Jon, > > > > > > > > You could have a look at this OWA audit for some > more details. Be > > > > aware that the document is useful, but the > issues in it (as well > > > > as > > > your #1) are > > > > handled by Messageware's SecureLogoff product. > > > > > > > > http://www.messageware.net/audits/owa.html > > > > > > > > -----Original Message----- > > > > From: Martin, Jon [mailto:[EMAIL PROTECTED]] > > > > Sent: Wednesday, December 11, 2002 3:22 PM > > > > To: Exchange Discussions > > > > Subject: Securing the OWA Kiosk > > > > > > > > > > > > How are folks handling the following potential > security risks > > > > using OWA from unsecured workstations, such as a > kiosk or library > > > > environment? > > > > > > > > 1. Cached web pages, etc. on the workstation. > User walks > > > away without > > > > closing the browser, the next user has access to > the previous > > > > users' email. > > > > > > > > 2. Stealth keyboard capture program grabs > userids and passwords. > > > > > > > > It seems like there is a common train of thought > about remote OWA > > > > that 'It is only email, what is the worst that > could happen?' My > > > > take is someone who > > > > has unauthorized access to email can > potentially: > > > > > > > > - Get people fired; > > > > - Get people arrested; > > > > - Get companies/people sued; > > > > - Cost companies/people money. > > > > > > > > Thanks . . . > > > > > > > > Jon Martin > > > > Systems Programmer > > > > East Bay Municipal Utility District (EBMUD) > > > > Oakland, CA > > > > > > > > > > > > > > > > > _________________________________________________________________ > > > > List posting FAQ: > http://www.swinc.com/resource/exch_faq.htm > > > > Archives: > http://www.swynk.com/sitesearch/search.asp > > > > To unsubscribe: > mailto:[EMAIL PROTECTED] > > > > Exchange List admin: [EMAIL PROTECTED] > > > > > > > > > _________________________________________________________________ > > > > List posting FAQ: > http://www.swinc.com/resource/exch_faq.htm > > > > Archives: > http://www.swynk.com/sitesearch/search.asp > > > > To unsubscribe: > mailto:[EMAIL PROTECTED] > > > > Exchange List admin: [EMAIL PROTECTED] > > > > > > > > > _________________________________________________________________ > > > > List posting FAQ: > http://www.swinc.com/resource/exch_faq.htm > > > > Archives: > http://www.swynk.com/sitesearch/search.asp > > > > To unsubscribe: > mailto:[EMAIL PROTECTED] > > > > Exchange List admin: [EMAIL PROTECTED] > > > > > > > > > > > _________________________________________________________________ > > > List posting FAQ: > http://www.swinc.com/resource/exch_faq.htm > > > Archives: > http://www.swynk.com/sitesearch/search.asp > > > To unsubscribe: > mailto:[EMAIL PROTECTED] > > > Exchange List admin: [EMAIL PROTECTED] > > > > > > > > > > _________________________________________________________________ > > > List posting FAQ: > http://www.swinc.com/resource/exch_faq.htm > > > Archives: > http://www.swynk.com/sitesearch/search.asp > > > To unsubscribe: > mailto:[EMAIL PROTECTED] > > > Exchange List admin: [EMAIL PROTECTED] > > > > > > > > _________________________________________________________________ > > List posting FAQ: > http://www.swinc.com/resource/exch_faq.htm > > Archives: > http://www.swynk.com/sitesearch/search.asp > > To unsubscribe: > mailto:[EMAIL PROTECTED] > > Exchange List admin: [EMAIL PROTECTED] > > > > > > > _________________________________________________________________ > > List posting FAQ: > http://www.swinc.com/resource/exch_faq.htm > > Archives: > http://www.swynk.com/sitesearch/search.asp > > To unsubscribe: > mailto:[EMAIL PROTECTED] > > Exchange List admin: [EMAIL PROTECTED] > > > > _________________________________________________________________ > List posting FAQ: > http://www.swinc.com/resource/exch_faq.htm > Archives: > http://www.swynk.com/sitesearch/search.asp > To unsubscribe: > mailto:[EMAIL PROTECTED] > Exchange List admin: [EMAIL PROTECTED] > > > __________________________________________________ > Do you Yahoo!? > Yahoo! Mail Plus - Powerful. Affordable. Sign up now. > http://mailplus.yahoo.com > > _________________________________________________________________ > List posting FAQ: http://www.swinc.com/resource/exch_faq.htm > Archives: http://www.swynk.com/sitesearch/search.asp > To unsubscribe: mailto:[EMAIL PROTECTED] > Exchange List admin: [EMAIL PROTECTED] > _________________________________________________________________ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Archives: http://www.swynk.com/sitesearch/search.asp To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin: [EMAIL PROTECTED]
