RE: data recovery

From: Slighter, Tim (tslighterat_private)
Date: Fri Dec 14 2001 - 11:43:25 PST


you really need to get down to the granularity of securing your assets.  I
am going to try and cover some of the basics and believe me, once I post
this, many other people are going to add to and revise and who knows what
else, which is my overall purpose.  this should at least provide you with a
starting point on things to consider when securing data:

Meet with management and top executives and gather all relevant information
and statistics on business expectations and requirements

along with this, try and establish some parameters of anticipated business
costs related to the data.  something like, how sensitive, critical, etc and
how much does your organization stand to lose if this data is compromised?
this loss could be financial, reputation, legal, etc

find out if there is a security policy in place.  is there a risk or cost
analysis?  is there any section where data is classified?  associated with
risk level, defined in terms of availability etc (who and what has access to
it)?  measures or mechanisms currently in place to contain, control, or
monitor access to the data?

This is a very basic starting point but you catch the theme here right?  

you can sit around all day trying to secure and encrypt data, but until you
and the organization have not only a sound understanding, but also an agreed
upon and accepted/documented policy on what type of data you are dealing
with etc....you are kind of chasing your own tail

-----Original Message-----
From: Seth Arnold [mailto:sarnoldat_private]
Sent: Friday, December 14, 2001 11:50 AM
To: forensicsat_private
Subject: Re: data recovery


On Thu, Dec 13, 2001 at 01:14:01PM -0500, Darren Welch wrote:
> I am looking to protect the data on our corporate pc's.

from whom? (Examples include employees, ex-employees, directed digital
attacks, directed physical attacks, random digital attacks, acts of
god..) What are you afraid this person may do with your data? (Examples
include destroying data, changing data, selling data..)

> 1. bios passwords

Trivially bypassed on most machines, except perhaps for those IBM
laptops you mentioned.. :) This one seems mostly annoying.

This will not protect your data from trojans, virii, or legitimate users.

> 2. hard disk encryption

Perhaps your vendor of hard disk encryption supports key escrow as well,
so that you could have a backup key stored centrally?

This will not protect your data from trojans, virii, or legitimate users.

> 3. drive locks. 

What are these? Physical locks that prevent a hard drive from being
removed from the case?


Consider who may be attacking your data, and what those attacks may look
like. Then try to figure out what possibilities could defend against
those attacks. :)

Cheers

-- 
"Soldiers quartered in a populous town will always occasion two mobs
where they prevent one. They are wretched conservators of the peace."
-- John Adams
