|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
From: Adam Shostack (adam
homeport.org)
Date: Tue Jan 27 2009 - 11:12:19 CST
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
I'm curious. How do they make such a determination? Assuming
reasonable staff, resources and training, how do they decide that the
hard drive wasn't removed and forensically imaged?
Not to cast asperations on anyone. I simply don't understand.
Adam
On Tue, Jan 27, 2009 at 08:37:51AM -0600, Stefan Wahe wrote:
| Living in Madison and working in IT Security, I do know that Madison Police
| Department has a unit that conducts IT forensics on electronic devices. They
| have the appropriate staff, resources and training to make such
| determinations. Additionally they have state and university resources at
| their availability with more than adequate training and experience in
| IT forensics. I am aware of this because I have had the opportunity to observe
| and work with them on other IT Security related issues.
|
| I hope this addresses your questions regarding the professionalism of the
| Madison Police Department. Please remember that this is a public forum and
| casting such doubts is not beneficial for those who are working towards
| solutions in preventing data loss. As a CISSP I hope that you are supportive
| of your colleagues in these efforts.
|
| My question is if the thief was interested steeling sensitive information off
| the device, would they then leave the device on city bus? What is their
| motivation in that action?
|
| Stefan Wahe
| _________________________________
| Stefan Wahe
| University of Wisconsin - Madison
| DoIT Applications and Information Security
| smwahewisc.edu
|
|
|
|
| On Jan 27, 2009, at 6:21 AM, Sean Steele wrote:
|
|
| Am I the only one who feels a bit dubious about a local police lab's
| declaration -- based on their exhaustive computer forensics investigation
| one s'poses -- that a machine's "sensitive information" has not been
| accessed?
|
|
|
| Hmmm.
|
|
|
| --
| Sean Steele, CISSP, CISA
| Sr. Security Consultant
| infoLock Technologies
| 703.504.9000 x219 direct
| 202.270.8672 mobile
| ssteeleinfolocktech.com
| ________________________________________
| From: dataloss-bouncesdatalossdb.org [dataloss-bouncesdatalossdb.org] On
| Behalf Of security curmudgeon [jerichoattrition.org]
| Sent: Tuesday, January 27, 2009 6:07 AM
| To: datalossdatalossdb.org
| Subject: [Dataloss] follow-up: Stolen city laptop recovered;workers'
| personal data not accessed
|
| ---------- Forwarded message ----------
| From: InfoSec News <alertsinfosecnews.org>
|
| http://www.madison.com/wsj/mad/latest/434816
|
| By Dean Mosiman
| Madison.com
| Jan 26, 2009
|
| An oversight by the city of Madison's personnel office is why Social
| Security numbers of 300 to 500 city employees were stored on a laptop
| computer stolen Friday from an office in the City-County Building.
|
| The laptop was found about two blocks from the City-County Building on
| South Hamilton Street and turned over to police Monday morning, who
| determined late in the afternoon that no sensitive information was
| accessed.
|
| The theft, however, put a scare into many and raised questions about city
| security of personal information.
|
| Mayor Dave Cieslewicz expressed concern about the incident and ordered a
| review of security specific to the situation, spokeswoman Rachel
| Strauch-Nelson said.
|
| The city laptop was taken from a "relatively secure location" in the
| fifth-floor Human Resources Department offices in the City-County
| Building, Wirtz said.
|
| [...]
| _______________________________________________
| Dataloss Mailing List (datalossdatalossdb.org)
|
| Tenable Network Security offers data leakage and compliance monitoring
| solutions for large and small networks. Scan your network and monitor your
| traffic to find the data needing protection before it leaks out!
| http://www.tenablesecurity.com/products/compliance.shtml
| _______________________________________________
| Dataloss Mailing List (datalossdatalossdb.org)
|
| Tenable Network Security offers data leakage and compliance monitoring
| solutions for large and small networks. Scan your network and monitor your
| traffic to find the data needing protection before it leaks out!
| http://www.tenablesecurity.com/products/compliance.shtml
|
|
| _______________________________________________
| Dataloss Mailing List (datalossdatalossdb.org)
|
| Tenable Network Security offers data leakage and compliance monitoring
| solutions for large and small networks. Scan your network and monitor your
| traffic to find the data needing protection before it leaks out!
| http://www.tenablesecurity.com/products/compliance.shtml
_______________________________________________
Dataloss Mailing List (datalossdatalossdb.org)
Tenable Network Security offers data leakage and compliance monitoring
solutions for large and small networks. Scan your network and monitor your
traffic to find the data needing protection before it leaks out!
http://www.tenablesecurity.com/products/compliance.shtml
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]