Psst. Need some spy-on-employees tech? Ask Oriium

Yorkshire-based "IT solutions" firm Oriium was hawking its CX:inSync spy-on-your-employees platform at ITExpo Europe today. Its cx:inSync product is sold as an endpoint device management solution. Its big selling point is the ability for network admins to implement deduplicated backups of end-user devices. Bundled with that …

  1. simmondp

    The usual "credit card" string

    Every vendor in the spaces used Credit Card strings and they are really simple and unique format, and thus easily defined.

    The trick is finding all that "other stuff", so every time we catch someone doing something bad then in retrospect we write another string search......

    Else you let your IT and/or security team go trawling for anything suspicious. [and that's so good for employee morale].

    1. Anonymous Coward

      Re: The usual "credit card" string

      How well does this work if the employee installs a virtual machine running, say OpenBSD, with an encrypted file system and a VPN tunnel to a remote server? Asking for a *cough* friend.

      1. K

        Re: The usual "credit card" string

        "installs a virtual machine running, say OpenBSD"

        If a company is following a good "whitelisting" based practice, this wouldn't be possible. As not only would you be restricted from creating the VM, but also all outbound traffic would be filtered, so VPN tunnels are only allowed from approved sources.

      2. Number6

        Re: The usual "credit card" string

        No idea how well the security measures work against it, but the VM with the VPN works quite nicely. It also helps that if you want to go browsing patents or competition websites, it's not immediately obviously your employer's IP address, which can be enough to trigger a lawsuit if they've got a trigger-happy lawyer in need of a new yacht.

    2. Justicesays

      Re: The usual "credit card" string

      "Every vendor in the spaces used Credit Card strings and they are really simple and unique format, and thus easily defined"

      Sure,

      That's any number between 13 and 19 digits long then, with maybe some other characters in there dividing them into groups.

      Hey, my phone number is 14 digits long in international format...

      As the saying goes "now you have two problems"

    3. Doctor Syntax Silver badge

      Re: The usual "credit card" string

      "Every vendor in the spaces used Credit Card strings and they are really simple and unique format, and thus easily defined."

      But not once you've encrypted the file. I'm assuming the system will unzip zipped files - if not that would be equally effective.
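The false-positive problem Justicesays raises above, as an added example that is not part of the original comments or of any vendor's product: a naive 13-19 digit pattern flags phone numbers and order references, and a Luhn checksum pass removes most but not all of them. The names `CANDIDATE`, `luhn_ok`, `scan` and `SAMPLE` are hypothetical, and the sample text is constructed (a well-known test card number and UK numbers from the range reserved for fiction).

```python
import re

# Stage 1: what a plain "credit card string" rule looks like.
# 13-19 digits, optionally split by single spaces or hyphens.
CANDIDATE = re.compile(r"(?<![\d-])\d(?:[ -]?\d){12,18}(?![\d-])")


def luhn_ok(digits: str) -> bool:
    """Luhn checksum used by payment card numbers."""
    total = 0
    for i, ch in enumerate(reversed(digits)):
        d = int(ch)
        if i % 2 == 1:          # double every second digit from the right
            d *= 2
            if d > 9:
                d -= 9
        total += d
    return total % 10 == 0


def scan(text: str):
    """Return (regex_hits, luhn_confirmed) as lists of bare digit strings."""
    regex_hits = [re.sub(r"[ -]", "", m.group())
                  for m in CANDIDATE.finditer(text)]
    confirmed = [d for d in regex_hits if luhn_ok(d)]
    return regex_hits, confirmed


# Constructed sample text, not real data.
SAMPLE = """\
Paid with 4111 1111 1111 1111, receipt attached.
Ring me on 0044 1632 960123 after lunch.
Out of office, try 0044 1632 960122 instead.
Ref 2016-0614-0000-1234 has shipped.
"""

if __name__ == "__main__":
    hits, confirmed = scan(SAMPLE)
    print("regex only :", hits)        # all four lines match
    print("after Luhn :", confirmed)   # the card, plus one phone number
```

Roughly one in ten arbitrary digit strings passes Luhn by chance, which is why the second phone number survives the check. Neither stage sees anything inside an encrypted file, the limit Doctor Syntax points out.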

  2. Number6

    Before installing any employer-related app on my phone I read the Ts&Cs. The Outlook app requires permission to do a factory wipe on the phone, and even though I was assured by the employer at the time that they'd never do that, I refused to install it on my personal phone. OK, I lose some functionality (although it turned out that I could have IMAP access to my email without any strings) but if it's important then they can provide the phone.

    My device, my rules. If you want your rules then supply the device.

    1. wyatt

      Agreed! Their device is their device, they can do what they want to it and monitor what they want. Mine however is different, I don't have my work email on it as I'm not in work when I'm generally using it. Only thing I have sync'd is my calendar and provisioning is off..

    2. P. Lee

      >My device, my rules.

      Exactly, but sometimes you can afford to be flexible.

      For example, I run Windows in a VM over Linux on my laptop.

      It costs me, ahem, nothing to clone that VM and integrate it into a customer's network. As long as I don't bring up two clones simultaneously, it works fine. At the end of a contract, the VM can be wiped or archived.

      The basic problem is that to be very secure you have to hobble your business. You are then into a "risk" vs "actual revenue loss / increased cost" situation. Which path you take will depend on what type of employer you are and what kind of data you deal with. Financial call-centres will take one path, infrastructure transformation consultancies will take another.

  3. apolodoro

    Straight out of the BOFH toolkit

    This sounds like the sort of user re-education tool that the BOFH would use. All it needs now is a way to edit a user's mail and browser history.

  4. Anonymous Coward

    for companies that don't trust any of their employees an inch

    They must at least trust their IT staff. Giving them the means to easily scan an employer's files seems crazy. I hope the auditing is up to spec; I've seen several cases of people harassing and even stalking female employees. It unfortunately happens when a good percentage of technical staff fall into the stereotypical geek profile.

  5. Christoph

    We found the details of one of our customers on your phone and you don't work in sales or support so you must have been taking our customer files unauthorised. So we wiped your phone clean.

    But that's my wife's work address!

    Oops. Tough luck, too late.

    1. JLV
      Joke

      To: C.

      From: HR

      As per our company's ethics policy we strongly discourage non-work related fraternization with our customers' employees.

      We have retained the services of the law firm of Hobbs & Charnsworth to assist you in your divorce proceedings.

  6. Frank N. Stein

    No

    No BYOD for me. They deploy a device to me, it will only be used for work. Nothing personal. I'm not installing anything from work to n my Money.

  7. Anonymous Coward

    Red flags all over the place.

    The moment I read "Bundled with that is the ability for network admins to see the location of devices such as smartphones and tablets and even remotely brick them." the red flags started flying like New Year's Eve party confetti as all the Ref's on the field screamed bloody murder. I may be using my device to assist in my work but you do NOT get to wipe it. You destroy my data & I'll return the favor by turning your network into a smoking, smouldering, slagged pile of molten glass & melting electronics.

    1. Neil Barnes Silver badge
      Mushroom

      Re: Red flags all over the place.

      " smoking, smouldering, slagged pile of molten glass"

      Seems a bit harsh. Just nuke it from orbit, it's the only way to be sure.

  8. Anonymous Coward

    You know, stuff that..

    I prefer to start with being selective with whom I employ. We have surveillance on most systems, but that's more set to prove compliance, so to prove that people do the RIGHT thing rather than scan for doing the wrong thing.

    I may have more exposure to attempts at liability charges if something goes wrong, but the atmosphere is much better if you start with a team that feels you trust them, which reduces the likelihood of that happening. In my experience, people seek to meet your expectations, so set them high and positive.

  9. jake Silver badge

    So, basically ...

    ... root access and a handful of perl scripts, then?

    Well, it works for me, anyway. Same results, near as I can tell ...
