As a financial institution, they are required to have an officer in charge of data security. In the event of a breach, that officer may be held liable for criminal penalties for negligence. I don't have the beginning of the thread to say whether what they are doing would be considered negligent by industry experts, but I wonder if their GLBA compliance officer would bet their freedom on that user's hunch over say, your expert opinion.
Bill Songstad -----Original Message----- From: Blaine Fleming [mailto:[EMAIL PROTECTED] Sent: Friday, January 25, 2008 12:46 PM To: NT System Admin Issues Subject: Re: Spyware keylogger capture examples comments inline. > With written permssion, install BackOriface on that person's sysem. Let > them work as usual for a while. Then show him what is captured. > I already tried going this route with them and the response was that of course it will capture everything because I have full permissions on the network. They don't believe that spyware can silently install a keylogger and have permission to capture encrypted data. Trying to explain how they work hasn't helped but they made it very clear that if I can show an actual real world example they will believe it. The logic is severely flawed but it is a small business that requires all users be allowed to install all the personal software they want. It recently came up when someone installed a program full of spyware on their computer and the system started running slow. Upon inspection I found a lot of this stuff and a keylogger installed but it hadn't captured any data yet. To complicate matters it is a company that deals with a lot of personal financial information. To be honest, I will never send any transactions through this company because of the restrictions they put on me when it comes to implementing security. It seems like they would rather have their employees playing games than protecting the heart of their business. --Blaine ~ Upgrade to Next Generation Antispam/Antivirus with Ninja! ~ ~ <http://www.sunbelt-software.com/SunbeltMessagingNinja.cfm> ~ ~ Upgrade to Next Generation Antispam/Antivirus with Ninja! ~ ~ <http://www.sunbelt-software.com/SunbeltMessagingNinja.cfm> ~
