Re: Parallels and WinME

Steve Firth <%steve%@xxxxxxxxxxxx> wrote:

Ian McCall <ian@xxxxxxxxxx> wrote:

Whilst this makes every practical bit of sense in the world, I suspect
nothing on earth would save my job should the laptop be nicked and
somehow that image was accessed. -Unless- it was protected by the
corporate-mandated code, in which case I'd be ok. I do tend to take
this stuff very seriously indeed - the bank's reputation and hence my
livelihood rather depends on me following procedures to the letter.

I understand. Sadly in order to comply with security policies I have to
use two laptops, one for corporate stuff (a Thinkpad with an encrypted
HDD) and this one, which I use for anything without a security
restriction.

I'd suggest that possibly the route you ought to consider is the VMware
offering for the Mac, rather than Parallels. An alternative but possibly
less pleasant is to see if the bank would accept BeCrypt instead of PC
Guardian. BeCrypt is the darling of those involved in government work
and it does work. However it needs no less than two usernames and three
passwords to get into and two of those passwords must be completely
unmemorable and changed at frequent intervals.

It does indeed. I thought it was amusing that because you have the two
unmemorable passwords, there are a group of laptops owned by the MOD
that I have worked on with bcrypt on, and each one has a post it note on
with the passwords.
The advantage of good security!

--
Woody

www.alienrat.com
.

Relevant Pages

  • Re: Screensaver takes too much time to fade-out...
    ... I will provide a disclaimer up front that I work in the security field, but I design security protocols and OS security I learn from osmosis from my colleagues. ... Linux install is NOT as bad as say XP install where you can get owned DURING the install if you are connected. ... I am quite contrary on passwords and password strengths. ... First configure your local firewall so that all inbound ports are closed and only open those that you have evidence that you need (what local servers ARE you running? ...
    (Fedora)
  • Re: OT: disabling APIs to prevent keystroke logging
    ... I have googled keylogging but there's a ton of info a mostly ads. ... I've dealt with security issues in my work as a software ... Researcher refutes Microsoft's account of hijacked Hotmail passwords ... passwords were obtained in a massive phishing attack. ...
    (alt.sys.pc-clone.dell)
  • RE: passwords in asp pages
    ... and using integrated security for connecting to the database- this will ... remove cleartext passwords from the files. ... grab the raw asp source from the server. ... to facilitate one-on-one interaction with one of our expert instructors. ...
    (Security-Basics)
  • Re: Oh Dear, Where to start?!
    ... > sort of security solution? ... > use, passwords, physical security, backup/disaster ... > admin, network admin, tech support, programming, and ... Theres lots of software out there for backups. ...
    (Security-Basics)
  • Re: [Full-disclosure] Filezillas silent caching of users credentials
    ... the security hassles you're going through are all useless. ... With regards to the handcuffs example, ... limiting access to the passwords file in the first place. ...
    (Full-Disclosure)