|
skipdogg posted:I'm not sure how you have things setup, but allowing C+P between Intune policy managed apps is a happy compromise. Data stays secure, user can copy and paste in managed apps. Yeah the times I've seen this cause problems is when people can copy and paste between Word and Outlook but the company doesn't have an agreed standard IM service so people are trying to paste street addresses into WhatsApp and getting frustrated. If you cover that sort of thing off then it's unlikely that anybody will really notice the restrictions are even in place.
|
# ? Jan 20, 2020 23:54 |
|
|
# ? May 28, 2024 06:05 |
|
Help me out here, what's the security benefit of preventing copy and paste on a mobile device? I'm not seeing the use case.
|
# ? Jan 21, 2020 00:07 |
|
22 Eargesplitten posted:Help me out here, what's the security benefit of preventing copy and paste on a mobile device? I'm not seeing the use case. Infosec are weirdos?
|
# ? Jan 21, 2020 00:09 |
|
22 Eargesplitten posted:Help me out here, what's the security benefit of preventing copy and paste on a mobile device? I'm not seeing the use case. I imagine it's some half hearted attempt at preventing data exfiltration since forwarding an email will leave a record.
|
# ? Jan 21, 2020 00:10 |
|
Proteus Jones posted:I imagine it's some half hearted attempt at preventing data exfiltration since forwarding an email will leave a record. casual data exfil. not serious or determined exfil. at a cost of making everyone's life difficult
|
# ? Jan 21, 2020 00:20 |
|
My experience is that draconian technical controls are usually a half measure for improperly scoped access controls of the data itself. I fully recognize that proper access control and auditing is hard and it's easier just to lock down every endpoint and call it a day and a lot of times other people are calling the shots which make the former harder. It doesn't change the fact that scope should be the first thing considered with security policy.
|
# ? Jan 21, 2020 00:28 |
|
It's probably not bad to consider that if something can be viewed then it can be copied, and focus your efforts on preventing sensitive data from being in Outlook in the first place, rights manage contract documents etc. It's probably only a feature that still exists because an MDM put it in there once and now all the vendors do it so that Gartner give them a nice score.
|
# ? Jan 21, 2020 00:35 |
|
I just upload the screenshots to a 3rd party image to text provider.
|
# ? Jan 21, 2020 01:01 |
|
I use a second phone to take pictures of my work phone. Eat a dick infosec
|
# ? Jan 21, 2020 01:31 |
|
NPR Journalizard posted:My first account was in the previous millennium I started reading this forum in 99 while in college, joined a few months before the fee actually started. I turn 40 this year. Goddamn bizarre when I think about it.
|
# ? Jan 21, 2020 03:34 |
My hospital system was in Chapter 11 and the buyer hosed us. They had to dump the one I'm based at. They've pretty much wound down operations and IT is doing inventory. God this whole thing is pissing me off. From how it happened to the complete lack of any callbacks. I knew this was going to happen for a while now, still can't get any one to talk to me. Even my so-called mentors in infosec that still work here don't pick up the phone or return my calls. I'm not useful to them so I don't matter anymore. My college degree doesn't mean poo poo. My experience doesn't mean poo poo. My work history doesn't mean poo poo. My connections don't mean poo poo. They've been having job fairs here all week and they tell us basically to gently caress off because we're not RNs. One "IT" recruiter came in and despite us coming in with degrees and sometimes decades of experience, this idiot still wants CompTIA certs and won't hear of anything else. I waited 90 minutes in the cold to talk to this dipshit. I wanted to jump over the table and beat him down right there in the conference room. I'm not even going to go in there anymore because it's always a total waste of time. I'm sick of being lied to. It's not going to be ok. My entire office has been applying to poo poo for over a month and everyone is still here. I can't even self medicate with weed anymore because of the loving drug testing.
|
|
# ? Jan 21, 2020 04:28 |
|
Let’s go be ice road truckers together
|
# ? Jan 21, 2020 04:59 |
|
Can I come
|
# ? Jan 21, 2020 05:07 |
|
jaegerx posted:I use a second phone to take pictures of my work phone. Eat a dick infosec I used my personal phone to take a picture of an error message on my work phone (screenshotting disabled) Then I pasted it in a word doc and emailed it to our IT dept. I constantly thought of this thread as I did it.
|
# ? Jan 21, 2020 09:35 |
|
Did you fax it to yourself and scan it back in and send a link to the image as QR code, though?
|
# ? Jan 21, 2020 10:32 |
|
Thanks Ants posted:Did you fax it to yourself and scan it back in and send a link to the image as QR code, though? Honestly crossed my mind to do something in that vein - scanning the work phone on my flatbed scanner would have been the easiest option but it unfortunately happened during the 6 month period where we weren't able to install our scanners due to 'security issues'
|
# ? Jan 21, 2020 11:23 |
|
Sickening posted:If I stopped implementing policies like this because there was a narrow/tedious work around how many security policies would I have left? Well, you'd be left with those that actually work
|
# ? Jan 21, 2020 11:40 |
|
Disabling copy/paste in Outlook on mobile reminds me of people disabling access to the right-click context menu on their Geocities websites.
|
# ? Jan 21, 2020 15:29 |
|
Thanks Ants posted:Did you fax it to yourself and scan it back in and send a link to the image as QR code, though? If you're not getting Mario Paint involved at some point how do you possibly stand having such low productivity?
|
# ? Jan 21, 2020 15:33 |
|
DelphiAegis posted:Probably unplugging a coworkers' sata cable. Last time I was updated, he is working for some for-profit Edu in Arizona. ( He was in my neck of the woods during CorvetteFisher / DaF days ). Don't ask me how I know. Also oh god: ptier fucked around with this message at 16:07 on Jan 21, 2020 |
# ? Jan 21, 2020 15:52 |
|
Proteus Jones posted:It really isn't. Sisyphus has it easy in comparison to trying to get senior management to approve a roll back of an inane security policy even with the backing of the security team. It usually boils down to being asked to prove a negative. "Do you have any evidence that X can never be used to compromise our company? Hmmm? Can you?" I just finished dealing with an audit that did basically this. Every time we got to the "okay this is impossible" they would just word it slightly differently and be all "well can you prove it now?" Morons, the lot of them.
|
# ? Jan 21, 2020 16:56 |
|
Semi- New title, getting (back) off of helpdesk, but pretty much no raise. Whatever, I think not being on helpdesk is worth it for the time being and it's an internal transfer so it's not like I'm going to have to learn a bunch of new stuff.
|
# ? Jan 21, 2020 17:02 |
|
If the owner/manager of the LinkedIn group for SH/SC is reading this ... you've allowed in a bunch of jokers who requested group invite but do not appear to be related to this forum at all.
|
# ? Jan 21, 2020 21:21 |
|
I'm a part of two different forums related linked in groups and they're both dead. I kind of wish we had a well moderated active/current group but don't have the energy to do it myself.
|
# ? Jan 21, 2020 21:29 |
|
The last thing I want is my posts here connected to my LinkedIn good lord Though I will plug the slack channel again: https://join.slack.com/t/somethinga...MTBmZDU4OTU0MTE
|
# ? Jan 21, 2020 21:32 |
|
That would actually be a nightmare, oh god.
|
# ? Jan 21, 2020 21:33 |
|
Thanks Ants posted:Did you fax it to yourself and scan it back in and send a link to the image as QR code, though? Built in minecraft?
|
# ? Jan 21, 2020 21:48 |
|
GnarlyCharlie4u posted:Built in minecraft? presented as a youtube video where the player flips a bunch of redstone switches, triggers some dynamite, and the explosions cause the blocks to order themselves as the qr code
|
# ? Jan 21, 2020 21:51 |
|
The Iron Rose posted:The last thing I want is my posts here connected to my LinkedIn good lord Did that start from an old the A Ticket Came In Thread? I seem to recall it was setup and then everyone was like, "oh...so in order for me to join you see my full name and place of employment....no thank you".
|
# ? Jan 21, 2020 22:05 |
|
This Goldmined beauty for the uninformed.quote:Backpedaling... stonefish posted:http://users.on.net/~luchich/glorious%20fuckup.mpq uncurable mlady posted:Captain Capacitor posted:This is where the we code takes you. http://i.imgur.com/5otXf.jpg GnarlyCharlie4u fucked around with this message at 22:33 on Jan 21, 2020 |
# ? Jan 21, 2020 22:30 |
|
I'm having flashbacks to groverhaus.
|
# ? Jan 21, 2020 22:52 |
|
The Fool posted:We budgeted $5k for "demo" computers. We normally order HP Elitebooks for everyone. Any new/noteworthy laptops that would be worth asking for? We bought the Surface Pro 6 last year. If anyone cares I ordered an HP Elite Dragonfly Going to be testing it along side this dock.
|
# ? Jan 21, 2020 23:02 |
|
The Fool posted:If anyone cares I ordered an HP Elite Dragonfly I care. Most specifically about how the screen performs. I computer everywhere, but my biggest pet peeves are a screen that isn't bright enough to melt my retinas and a screen that reflects a shitton of light so that it's unreadable in anything but a dark cave.
|
# ? Jan 21, 2020 23:13 |
|
The Fool posted:If anyone cares I ordered an HP Elite Dragonfly I've been using the Dragonfly notebook for about a month now. The screen is eye searingly bright but you can change the brightnes so nbd.
|
# ? Jan 21, 2020 23:21 |
|
The Elite Dragonfly looks great but HP Sure View just seems to make the viewing angles complete poo poo and isn't always an option, and they seem allergic to putting high DPI displays on their business notebooks. I was eyeing up an Elitebook 830 G6 but the display doesn't go above 1920x1080 so I'm pretty sure the Dell XPS 9300 is my next machine. Lenovo also seem to hate high DPI displays. Thanks Ants fucked around with this message at 23:27 on Jan 21, 2020 |
# ? Jan 21, 2020 23:24 |
|
To be fair, after hearing so many people bitch about application scaling not working well (or at all) on Surfaces or the 4k monitors we got, I can't say that I blame them.
|
# ? Jan 21, 2020 23:37 |
|
Oh yeah I would be very careful at what I specced for people to get as a standard laptop because they are going to complain endlessly if they need to log out/log in to get certain apps to scale nicely, but I really like my current XPS 13 display and don't want to go backwards.
|
# ? Jan 21, 2020 23:39 |
|
Calls to a certain vendor started failing today from a 2008 r2 server (slated to be replaced next week). After much troubleshooting it was discovered that the vendor was rejecting our TLS 1.0-based connections. A. Not sure why this server was still using TLS 1.0 B. The vendor swears this has been deprecated on their end for a while C. If that’s the case, why the hell did it finally act up now? We put in the registry fix for this and it started working again, but we’re still wondering wtf happened. I suspect they never actually disabled accepting 1.0 connections in their end when the deadline hit until someone noticed it this morning. Looking back through emails we talked to them about the TLS deadline and required changes back in 2018. Just confusion all around. Edit: I guess I will also be coming through last weeks security updates for anything that could have reset these values. Spring Heeled Jack fucked around with this message at 02:12 on Jan 22, 2020 |
# ? Jan 22, 2020 00:16 |
|
PBS posted:I'm having flashbacks to groverhaus. https://imgur.com/gallery/tI8ys The perfectly placed window at the bottom of the staircase, just waiting for someone to trip.
|
# ? Jan 22, 2020 00:56 |
|
|
# ? May 28, 2024 06:05 |
|
Sprechensiesexy posted:He is probably a certified VMware expert and being the brilliant rear end in a top hat stereotype somewhere. Didn’t he have the top of the line VMware certification and not even past the age of twenty five? Smart dude but I feel awful for his coworkers, managers and everyone else in his presence.
|
# ? Jan 22, 2020 02:14 |