corporate data control/leakage - user policy review

Posted on 2011-10-05
Medium Priority
Last Modified: 2012-06-27
What kind of policies do we need to look at (technical not HR policies) in terms of data protection - where data can get to who can access it who can take it where?

Could do with a big program on how to audit this or hints on common issues as to where companies have poor technical governance on how to control their corporate data to stop it getting into wrong hands / going offsite unencrypted etc

It is a windows environment mix of traditional workstations and some thin clients via citrix

The more areas to check the better
Question by:pma111
  • 2

Author Comment

ID: 36916104
*who can take it where on what (ie CD/unencrypted data)
LVL 19

Accepted Solution

basraj earned 1000 total points
ID: 36916959
If offshore users are using Citrix for accessing,then you can apply CItrix policies to restrict local drive mapping. So users local drive will not get mapped and they cannot save it to their local desktop. Similarly you can restrict drive access, share access on the servers which has sensitive information. Even mapped drives only with read or write. NTFS permission, basic window policies to hide drives can help.

Also if users are using remote desktop or citrix, then can save their sensitive datas to profile. In such cases folder redirection policies can be applied so it can be saved only to their home drives when they log out of the servers. So datas of one users cannot be seen by other.

Author Comment

ID: 36917154
Can you use group policy to restrict local drive "saving too" opn traditional windows workstations?

If so how - is it in admin templates anywhere?

Does it cause any problems if people cant save stuff locally? Like patches wanting to apply onto local disk etc.

Assisted Solution

timmcqueen earned 1000 total points
ID: 36975025
In this case Digital Right Management is a way to go.
I've used drm packages to control and keep track of our company sensitive information and documents just like your scenario.

Our main concern was our PDF Documents so we've used PDF OwnerGuard. According to our needs, Advanced edition was the best choice. Protected pdfs act like standard pdfs accessible using Adobe Reader, however they're locked to specific computers within the company. Users can copy the protected documents but as long as they're encrypted, they're useless on UN-authorized computers.

Featured Post

Concerto Cloud for Software Providers & ISVs

Can Concerto Cloud Services help you focus on evolving your application offerings, while delivering the best cloud experience to your customers? From DevOps to revenue models and customer support, the answer is yes!

Learn how Concerto can help you.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

If your vDisk VHD file gets deleted from the image store accidentally or on purpose, you won't be able to remove the vDisk from the PVS console. There is a known workaround that is solid.
What if you have to shut down the entire Citrix infrastructure for hardware maintenance, software upgrades or "the unknown"? I developed this plan for "the unknown" and hope that it helps you as well. This article explains how to properly shut down …
How to install and configure Citrix XenApp 6.5 - Part 1. In this video tutorial we have explained step by step installation of Citrix XenApp 6.5 Server on Windows Server 2008 R2 is explained in this video. We have explained the difference between…
This demo shows you how to set up the containerized NetScaler CPX with NetScaler Management and Analytics System in a non-routable Mesos/Marathon environment for use with Micro-Services applications.
Suggested Courses

850 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question