[Web4lib] Re: Info Week article re: portable drives (was)

Thomas Edelblute TEdelblute at anaheim.net
Wed May 3 11:51:57 EDT 2006


 
And these vulnerabilities can be addressed by changing the boot order in
the BIOS and through proper application of Windows Group Policies from
the Active Directory domain controller.  Then you can still have the
storage devices available, restrict access to the hard-drive and network
system, and specify a list of allowed executable programs to run.

Thomas Edelblute
Anaheim Public Library

-----Original Message-----
From: web4lib-bounces at webjunction.org
[mailto:web4lib-bounces at webjunction.org] On Behalf Of Michael McEvoy
Sent: Wednesday, May 03, 2006 6:53 AM
To: Web4lib at webjunction.org
Subject: Re: [Web4lib] Re: Info Week article re: portable drives (was)

The possible answers have a lot of "if" attached to it...

IF the person is a cracker and uses a Library computer to, say, hack
into the Pentagon and steal schematics for building a better nuclear
bomb...

IF the library has inadequate network security, a person could download
a client used for accessing your ILS, and then use the client at other
locations access your patron's data.

IF the library has copies of licensed programs available in any fashion
that the patron could download from you... then release pirated copies
on the Internet to all his/her buddies.

IF the patron uses the USB to launch a P2P program and begins
downloading movies... prompting a visit from the wonderful RIAA or MPAA
folks for copyright infringement.

Most of these "if's" are likely against your standard user agreement and
Internet Use policies (assuming you have these available). They also
apply to any library providing wireless/wired hotspot access.

In most cases, you're just weighing the good versus the bad. USB flash
provides a very easy, portable way to save documents and carry work with
you. Likewise, it provides an easily concealable means to save and carry
stuff you're not supposed to.


On Wed, May 3, 2006 09:21, travelinlibrarian.8248287 at bloglines.com
wrote:
- > As I read that article, the "security risks" are from USB drives
with
- > sensitive
- > data being stolen and from people using them to copy and remove data
-
> they're
- > not supposed to walk off with. How does either of these things apply
to a
- > public terminal in a library. Seriously, what possible data would a
-
> library
- > put on a public computer that they need to protect from leaving the
-
> building?
- >
- >
- > Michael Sauers
- > Internet Trainer, BCR
- >
- > --- kgreen at vrs.va.state.us wrote:
- >
- > Information Week has a relevant article today about the security
risks
- > that
- > USB drives present -- and a few of the solutions that companies are
-
> developing.
- >
- >>
- >>
http://www.informationweek.com/story/showArticle.jhtml?articleID=1870027
24
- >
- >>
- >>   ~Kelly Green
- >
- > _______________________________________________
- > Web4lib mailing list
- > Web4lib at webjunction.org
- > http://lists.webjunction.org/web4lib/
- >


     _<>_
   /      \     Michael McEvoy
  |==\==/==|    mmcevoy at northvillelibrary.org
  |   ><   |    Electronic Services Support
,-\   ()   /-.  Northville District Library
V( `-====-` )V  http://www.northville.lib.mi.us
(_____:|_____)  -------------------------------
 ----   ----    Webmaster - The Library Network
 Megabytes,     http://tln.lib.mi.us
 Gigabytes,     -------------------------------
 Terabytes,     All Powerful Guru
 Petabytes,     http://www.spoo.net
 Exabytes,      -------------------------------
 Zetabytes,     Chief Guru Officer
 Yottabytes,    http://www.mcwebdesign.net
 Nonabytes,
 Doggabytes,
 & Mycatbites



_______________________________________________
Web4lib mailing list
Web4lib at webjunction.org
http://lists.webjunction.org/web4lib/
THIS MESSAGE IS INTENDED ONLY FOR THE USE OF THE INDIVIDUAL OR ENTITY TO WHICH IT IS ADDRESSED AND MAY CONTAIN INFORMATION THAT IS PRIVILEGED, CONFIDENTIAL, AND EXEMPT FROM DISCLOSURE UNDER APPLICABLE LAWS. If the reader of this message is not the intended recipient, or the employee or agent responsible for delivering the message to the intended recipient, you are hereby notified that any dissemination, distribution, forwarding, or copying of this communication is strictly prohibited. If you have received this communication in error, please notify the sender immediately by e-mail or telephone, and delete the original message immediately. Thank you.


More information about the Web4lib mailing list