network security for employees in mac/unix environment

By ITgurrl ·
A few questions :

1- When a back up drive is mounted on a computer on a mac/unix network, how secure it the data? That is, can the sys admin see the drive and/or access the contents.

2- Can your gmail password be seen by the sys admin, even if using https?

3- Are passwords detected realtime, or do they have to wait, use remote sharing and then look up your keychain app?

4- Any other tips for employees to secure their data from being seen by the sys admin?

Thanks in advance.

This conversation is currently closed to new comments.

Thread display: Collapse - | Expand +

All Answers

Collapse -

As a Sys Admin

by mamies In reply to network security for empl ...

I don't think I would like to help you out. If whatever your trying to do in the workplace is not permitted by the governing body I would say just don't do it.

Although if it is permitted, what do you have to hide?


Collapse -

clarification to network security question

by ITgurrl In reply to As a Sys Admin

No, this is not about anything illegal, it's about personal information that shouldn't be seen by anyone else, i.e. files and passwords.

Collapse -

you can encrypt them or simply not store them on the domain.

by CG IT In reply to clarification to network ...

but other than personally encrypting the data, if the data resides anywhere on the domain, the enterprise [or domain] administrator has access. Even if enterprise or domain administrators are removed from permissions, they can seize ownership of folders and files which grants them full access. Encrypted files however can only be unencrypted with a key. Note: There are methods and tools to decrypt files that are encrypted if the sys admin really wants to see what's on the drive.

Questions such as this raise flags. If a company user is trying to hide information, that information probably isn't part of the company security policy.

Rule of thumb, if you don't want anyone to see it, then you shouldn't be using a company computer for it.

Collapse -

more questions on encryption, etc.

by ITgurrl In reply to you can encrypt them or s ...

Thanks for this. It raises other questions for me though:

1- if I use an external HD to store my files, is that considered in the domain? You may have already answered this, but I want to make sure I understood this well.

2- If I need to work on the external HD files, what do you recommend for encryption software? Obviously, I can modify the files only while unencrypted, but aside from that time...what's the best encryption software for this?

3- Is using a service such as Carbonite any safer? Will that "drive" be considered as in the domain? Are there better options??

Thanks again.

Collapse -

let me put it this way, courts have ruled

by CG IT In reply to more questions on encrypt ...

that anything created using company equipment on company time is company property.

Removal of company property without authorization is considered theft.

Collapse -


by ITgurrl In reply to let me put it this way, c ...

You might want to re-read my question. The question has nothing whatsoever to do with theft or anything else that is illegal.

Collapse -

Doesn't matter if the information is created using

by CG IT In reply to re-read

company equipment on company time, they own it. They paid you create the information therefore they own it.

If you encrypt the data so that the information is not available to the owners of the data without authorization, that's basically theft if the company wants to pursue it.

Collapse -

better option

by SPC_TCOL In reply to more questions on encrypt ...

use your own files on you own computer at home.

Collapse -

what about logging into your own personal email

by ITgurrl In reply to network security for empl ...

most people check their personal email at work and it is not deemed illegal, etc. how would you protect your personal email from being read? Let's say you are using one of the free online email services.

Collapse -

good question

by SPC_TCOL In reply to what about logging into y ...

Ok, in some companies this is not allowed or only at certain times.

If it's allowed to check your private email at your company, and someone reads it, then this person can get in trouble.

If it's a company computer, then you can't protect anything from being read, because we for example use a screen viewer tool.

Related Discussions

Related Forums