Sportbike World banner

1 - 7 of 7 Posts

·
Registered
Joined
·
2,442 Posts
Discussion Starter #1
I know this is a Sportbike forum, but I also know that alot of the member here are pretty computer savi so I figured I give it a shot here to.

Here's whats going on. My dad called me earlier today and said that someone in his works IT department remotely logged into his computer and acessed his personal files. Who ever did this wasn't to bright, my dad is completly computer illiterate, but was able to tell what happened because he checked the user log in's and saw that his computer was accessed as well as what files were viewed. He asked me to come up and secure his files so that this couldn't happen again. I'm trying to think of possible ways to do this. I don't think he has full administrative rights, but he can install programs and such. His boss agrees fully that this needs to be adressed, so I can get administrative rights if necessary but I would prefer to bypass the IT department since thats where the problem seems to lie.

These are my thoughts so far, first would be to create a folder that is only accesible by a particular user, that being my dad. But from my knowledge of Windows Server 2003 an administrator can take ownership of folders fairly easily. If their is a way to make this method work and prevent unauthorized viewing of the data, this would be my prefered route.

My second thought was to move the data to a thumb drive, but I fear my father would forget to remove it and we would be back to square one. If thier is a way to make a restricted partition on the HD or secure the thumb drive, I would be interested in this route. It's simple and seems fairly secure. I'm not worried about loss of the acutual thumb drive or theft of it since his office is behind lock and key, and the IT department does not have access.

My third thought was to encrypt all the files with a 256bit or larger encryption system. This seems like the most secure way to do it, the only problem would be if he forgets his password or someone places a key logger onto his PC. But then again, if the person was dumb enough not to delete their log in from the reccord, I don't think this will be an issue.

Those are my only thoughts thus far. His work is trying to do this without making a big deal out of it, or paying for it, so naturally they went for a semi-computer savi son of a worker lol. I know their is no way to make this 100% secure, because as long as their is a desire, someone can get it, it just comes down to how much they want to. I'm looking to make it very very inconvientent for whom ever is causing this problem. Any suggestions or ideas would be appreciated greatly.

Thanks alot,
Sepias
 

·
Strength and Honor
Joined
·
6,143 Posts
If your dad is fighting the IT department, I think the data stored on his workstation should be at the bottom of the list of issues. He IS the client, isn't he? IT in all cases I can think of should have access to his system and if there's a reason they shouldn't, then he should have one built within his own domain, thus preventing all others from accessing it. But somebody's gotta setup the domain. This is just a weird comment.

Yeah, USB drive or desktop encryption are the best bets but include overhead issues.
 

·
Registered
Joined
·
2,442 Posts
Discussion Starter #3
I'm not worried about the cost, so long as the solution is simple. The main problem with it all is, the IT guys got into some sensative data about certain officials within the organization he works with and they may leak it to the press... I'm not sure what they got into, but that is what I've been told. I'm not sure why they don't want to go with a professional, but for some reason he and his boss would rather I deal with it. He is the client, but he is also the vice president of his work, unfortunatly the way the organization is laid out, he can't directly get rid of the IT guy that did this, and the president has loyalties to him and won't fire him. It's a really F'ed up situation. If you can think of any other simple solutions that would be effective, let me know.

Thanks,
Sepias
 

·
Registered
Joined
·
1,991 Posts
Hi SepiasSoul-

If your father is at the VP level can he simply opt to work from home on a machine not connected to the corporate network? All of his work can be saved to a thumb drive that he will need to ensure is safely in his pocket whenever he steps away from the machine. With all of the Sarbanes-Oxley accounting and financial regulations out there everything on one's work computer must be squeaky-clean.

Is this something personal or professional in nature? Either way, the horse seems as if it is already out of the barn. Wouldn't the IT department be on the hook for releasing private corporate information if it is related specifically to work? I'm inclined to think if he boosted the physical security of his office and relied on a thumb drive for his work he could resolve most of these issues.

~ Blue Jays ~
 

·
Registered
Joined
·
2,442 Posts
Discussion Starter #5
It probably would, but he is computer iliterate, old, and senile so he would most likely forget to remove the thumb drive and it would be back to square one. It was a sort of a work related file, I beleive it was from his past job that he still does freelance work for. It apparently increminated someone from his last job who is already facing some charges of some sort. I'm not sure wether they will need me or not, he might be resigning (my dad not the guy in the file). He and his boss had been having some disagreements latley, and not firing the IT guy might be the last straw. We will see. Thanks for your input though. If you come up with any more ideas, let me know. I'm also looking for ways to secure my server 2003 at home. I've been "loosing" files since I gave my mom access to some of my externals.

Sepias
 

·
Strength and Honor
Joined
·
6,143 Posts
Jays has a good suggestion of working from home. Alternatively, he could get a laptop and work from that at the expense of the company.

In the mid and large orgs I've worked in, IT signs off on being fully responsible for working with all institutionally sensitive data and therefore are highly trusted members of the staff. Regular audits ensure that everyone is in line, too. Its always sad to hear of someone of our ilk perhaps abusing their position but it wouldn't be the first time its happened.

I think PGP is going to be the way to go for you. If remembering passwords is a problem, there are many options to securely store passwords on workstations and only require the user to remember one password. You or his boss could even serve as the backup keeper of the password in case your dad forgets it.
 

·
Registered
Joined
·
2,442 Posts
Discussion Starter #7
That might be the way to go. I'll have to find out if he is still there or not. He was really pissed last night and might have quite, I wouldn't put it past him. Thanks for your help Kanwisch and Blue. I don't think the guy that did this is a trained IT guy, he seems to be way to clumsy for that, but you never know.

Sepias
 
1 - 7 of 7 Posts
Top