[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Full-disclosure] blocking Google Desktop

Subject: Re: [Full-disclosure] blocking Google Desktop
From: gboyce <gboyce@xxxxxxxxxxxx>
Date: Sat, 11 Feb 2006 18:52:08 -0500 (EST)

On Sun, 12 Feb 2006, Nick FitzGerald wrote:

Go to HR, explain that the new security policy about not running Google
Desktop is make-or-break and explain why.  To achieve this you may need
higher-level management buy-in, so hopefully you can threaten exposure
under HIPAA, Sarbanes-Oxley or some such _IF_ the policy is ever
breached.  Make it a matter of "if our IDS sees traffic from your
machine to desktop.google.com (or whatever) its an automatic HR
warning", and then let your standard (two, three, whatever strikes and
you're out) HR policy deal with enforcement.

Yes. And one of the prerequisites to this is the ability to monitor anddetect this type of traffic.


Which was the reason for my response to J.A.'s e-mail.

--
Greg Boyce
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

References:
- Re: [Full-disclosure] blocking Google Desktop
  - From: J.A. Terranson
- Re: [Full-disclosure] blocking Google Desktop
  - From: Nick FitzGerald

Prev by Date: Re: [Full-disclosure] Google creates SPAM haven
Next by Date: Re: [Full-disclosure] Cisco Certifications
Previous by thread: Re: [Full-disclosure] blocking Google Desktop
Next by thread: [Full-disclosure] Re: blocking Google Desktop
Index(es):
- Date
- Thread