Here, computers with access to that type of data are in a seperate locked room, no network access, no working USB ports, no writeable optical disk... Not really sure if there is a rule against cameras in that room...
On Wed, May 4, 2011 at 3:47 PM, Jeff S. Gottlieb <[email protected]>wrote: > > > We are searching for a method to BLOCK end-users from ATTACHING and > EMAILING [sensitive] docs located on a SPECIFIC FOLDER of the share. > > > > *What we have accomplished thus far:* > > 1) Using Sophos we activated “*Device* Control” preventing end-user from > coping to Storage, Network, or Short Range devices > > 2) Using Sophos we also activated “*Data* Control”… thus creating email > alerts detailing the sender /recipient, time /date, and name /location of > attachment > > 3) All documents are converted to PDF with security options that prevent > copy /paste, and printing > > 4) End-users are NOT allowed Internet access > > > > Owners are left **totally** unsatisfied with all the above, as these > measures are not preventative enough. > > Leaving any of the end-users without ability to email is NOT an option. > > Leaving a [public] workstation open, available with access to this SPECIFIC > FOLDER, and then having no email /Internet is NOT an option. > > > > These end-users are all in the CAD design department. > > Given the nature of the business, suffice-it-to-say, one drawing in email > could represent a significant loss. > > Sadly, the owners feel they cannot entirely rely on the loyalty of > generously paid employees [with great benefits], company policies, and or > legalese. > > > > Thanks in advance for any suggestions… comments. Cheers, -J > > > > > > *EMPLOYEE Supposition:* > > Surely in created the level of sophistication placed in Sophos with *Device > & Data* Control suggests that a greater need exists to protect the > employer’s intellectual property. > > Along with these concepts, the end-users themselves have become more > sophisticated and perhaps unfortunately [these days] more-willing to place > their positions on the line. > > > > I guess if we’ve done our IT job… than the end-users ONLY option is to snap > a photo using a cell-phone. > > What then will the employer do?? Add company policy to include NO CELL > PHONES?? Imagine a world AT WORK without texting, tweeting, and the > occasional personal call??? Ouch! > > > > *EMPLOYER Supposition [slave-master]:* > > Add video surveillance too!!!! :--/ > > > > > > > > > > > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ > ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > > --- > To manage subscriptions click here: > http://lyris.sunbelt-software.com/read/my_forums/ > or send an email to [email protected] > with the body: unsubscribe ntsysadmin > -- Probable Contrarian ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to [email protected] with the body: unsubscribe ntsysadmin
