Programmers are just cogs in a machine nowadays. Comparing them to brain surgeons is laughable at best.
I get the analogy you're trying to do, but it's not how businesses view programmers anymore.
DLP is not just on endpoints. There can also be appliances inspecting all outbound traffic (including SSL decryption if you want) and scanning all email, samba shares etc etc.
Having said that, I've dealt with DLP, and it only catches the stupid ones. Anyone with a little knowledge can usually bypass DLP fairly easily.
Bob should not go out in public at that point, and should be confined to a bubble.
I use the commercial version, but you can get it as freeware:
http://netwitness.com/products-services/investigator-freeware
Basically, grab a pcap anywhere on the network, dump it into Investigator, and then sift through the data. It's really powerful, but may take a little getting used to. Shows you all kinds of neat stuff about the data, lets you slice and dice it however you want by a whole host of criteria. Highly recommended.
I'd question the wisdom of any company who bases their purchasing decision on users simply wanting to have a flashy phone, rather than wanting to actually get work done and be productive.
I completely agree here. I argued to hold out until the BB 10 comes out to at least have a look-see, but corporate didn't want to wait, and the sales guys are beating down the doors to get the new flash iPhones. I can't stand my job, and this is one of the reasons why - we don't make business decisions based on facts, evidence, ability to get job done, etc, it's all based on screaming the loudest and raw emotions. I imagine it's that way in quite a few companies nowadays. *sigh*
not a single one had it as part of the evaluation. Including us.
Interesting, but not relevant. I work for a corporation that just standardized on the iPhone (against my recommendations). RIM was never even at the table. Sales, Marketing and even IT guys just don't want to be seen with a BB device anymore - they all want either an iPhone (mostly) or a Samsung GIII (minority). That's it. It's more about cool factor and being seen with the device, even in the business world.
As part of the evaluation, we spoke to close to a dozen other companies that recently went through the same process, and pretty much got the same response - that the users overwhelmingly refused to have anything to do with a RIM product, and wanted the flashy new iPhone or GIII.
...the problem is, they're not allowed to think for themselves. Education is completely irrelevant - they have to follow the scripts they have in front of them, and not deviate or they get dinged. I know, I've had to write some of these scripts for them (not IBM, but another large multinational co that does outsourced helpdesk work). The last step in any of the scripts is to escalate to Tier 2/3 - which 90% of the time is an actual employee of the company and not part of the outsourced help desk.
So how is having a college educated phone bozo any better than a high school educated one if they're not allowed to deviate from the scripts they're given?
So, a fairly public persona publicly announces that he's switching to Hotmail to give it a go. And has a weak-sauce password:
(Update: For those of you inquiring about the strength of my Hotmail password – it was a seven-letter string of lowercase letters. Not a dictionary word, but part acronym, part proper noun. It’s not the world’s strongest password, and I can feel the parental glare of Davey Winder from 200 miles away, but it wasn’t that weak, either.)
And somehow this is Microsoft's fault? He's just asking to be hacked, and with a weak password like this? *sigh*
Did you really just cite Wikipedia over the CREATOR of the show?
You're not using the tools available to you then. Phone. IM, chat rooms, teleconferences available at a moment's notice. We have a number of people in our group that work remotely (and the rest of us work from home once or twice a week). We keep a chatroom going with the lot of us (8 of us) in there at all times - mostly it's used for the usual office-type banter, but it's great for collaboration etc. We also have loose rules, that if you want to telecommute, you HAVE to make yourself available at a moment's notice by phone. Sometimes you step away from the computer, so you miss an IM etc, but if that phone rings, you better be answering it or you're going to lose your telecommuting privs.
Just set the expectations with the group. We have no problems getting stuff done on very short (minutes) notice.
The article has an update:
Update monday Jan 16 - 2012: We have been contacted by bluebyte over the weekend, the company that developed the Anno series. Our key has been pretty much unlocked allowing us to properly work on this article. To be continued ....
Uh, NO, NO, NO! Ubisoft and other vendors will continue this trend of archaic stupid DRM until it hits them in the wallet. The 'review' industry should take a stance - no reviews, no press, nothing, until Ubisoft (and any other vendors that do this kind of shit) stop the excessive DRM.
Do you really think the developer of the game will give out an 'unlocked' code to anyone OTHER than a high-profile website reviewer? What if you ran into this at home, which with a grand total of 3 registration attempts, is easy to do over the course of a short period of time: "When contacting Ubisoft marketing here in the Netherlands, their reply goes like this: 'Sorry to disappoint you - the game is indeed restricted to 3 hardware changes and there simply is no way to bypass that. We also do not have 7 copies of the game for you'.:"
THAT'S what average joe-user will get, a simple 'tough shit'. STOP REVIEWING THEIR GAMES
Beyond the obvious 'don't park where you're likely to get broken into', fully encrypting your drive and getting insurance (auto or home should cover it) is the most reasonable thing to do. Phone-home software may or may not work - frankly, I don't bother. Just encrypt and have offsite backups of the important stuff. Take the insurance payout and replace.
I work in security for my company, so we keep an eye on unauthorized software in our enterprise. We had a guy just today download PuTTY from a download site, that came bundled with all kinds of shitty toolbars and adware. This guy is a Sr. Software Manager and Developer at the company and should know better.
I wish I could clue these supposedly 'smart' users in, but they'll download and install anything without any critical thinking at all.
Except people won't leave Facebook. With the new changes (I call it the 'stalking update 1.0'), I've been preaching to everyone on FB to move over to Google+.
Not a single person has moved. They're too comfortable on Facebook, even with the recent UI changes. They're happy to make post after post bitching about FB, the new UI, the privacy problems, but they're too lazy to DO ANYTHING about it.
Until Google+ gets a significantly larger userbase, it's not particularly useful. *sigh*
The real problem here is education. Sure, the end user has been to training (not trained though, see the difference?) on basic computer security, not to insert strange USB sticks, etc etc. But they don't LEARN.
Fire a few of them for gross violations of security policy. The people remaining will learn real quick.
Agree. According to this, I can get FIOS. No dice. They did get the cable Co right, though.
Looked up my neighborhood, and NONE of the data is correct. According to the map, I can get fiber. Nope. According to the map, I cannot get a cable modem, let alone DOCSIS 3.0 - wrong again, that's what I'm on right now.
What a complete waste of 200mil.
Who do you think MAKES the laws?
[citation needed]
I work in security, and we tried this where I work. It worked very well for most things - specifically browser pages. But there are a number of third party apps that use SSL, and they expect to see their cert in the client on the end user desktop. They check for this, and when it doesn't exist, they break. Things like stock trading clients, etc., along with some business apps for business process that we outsource. The appliance we use also gives us the option to NOT inspect HTTPS traffic to banking and financial institutions.
We ended up turning off HTTPS inspection, as it was too much hassle. We lost the ability to inspect HTTPS transfers for malicious content, but we can (and do) still block based on the category of the destination domain - that blocking is still protocol independent.
For all that is holy, you (along with this thought process) are the root of the problem. Lemme guess: you work in sales?
*sigh*
What really kills me is the REAL perks getting eliminated - bonuses, my whole 401k match is gone now, health insurance cost going through the roof, etc. THAT hurts my bottom line, coffee does not.
I understand that they cut the 401k match and increased the health insurance premium to try to save a few jobs - but jesus, looking at the bloat in some of the organizations here, lay off a few of them (sales, I'm looking at you. You spend ALL DAY on youtube. Yes, I can prove it), you'd think you could cut some of them, and keep the match.
3. is not a financial/medical/etc company or something that contains what one may deem as sensitive data.
PII (Personally Identifiable Information) is considered sensitive, and several states (MA and NV in particular) have strict laws on the books about protecting that information.
Granted, you GIVE that info to Facebook, mostly for the express purpose of putting it out there for others to find, but the laws are on the books.
...and that'll blow the uni off the net for a while, I think :)