Geekzone: technology news, blogs, forums
Guest
Welcome Guest.
You haven't logged in yet. If you don't have an account you can register now.




3084 posts

Uber Geek
+1 received by user: 509

Trusted

Topic # 111113 24-Oct-2012 15:28
Send private message

I have a client - A Dishwasher / Oven / Appliance repair company that has had issues with dishonest staff in the past stealing sensitive commercial information.

They asked me if they could give access to a directory of pdf's on their server to a bunch of tablets, but prevent those files from being copied to the tablet itself or to the sd card / dropbox or any other storage medium?

I was thinking sure - a windows share accessible only over their office wifi network, but how would we prevent them from copying those pdf's to the tablet itself or micro sd card and taking them to the competition.

Any ideas?

Am thinking they may just need to give repair technicians access on a case-by-case basis to pdf's as they need them so they cant get bulk access - so it would take years to collect a couple of hundered from the thousands of pdf files they have sitting on their file server.




Ray Taylor
Taylor Broadband (rural hawkes bay)
www.ruralkiwi.com

There is no place like localhost
For my general guide to extending your wireless network Click Here




Filter this topic showing only the reply marked as answer Create new topic
2634 posts

Uber Geek
+1 received by user: 493


  Reply # 705755 24-Oct-2012 15:42
Send private message

The short answer is probably yes, 

As well as restricting the shared drive, You could also lock up the PDFs by making them unprintable and unreadable without the appropriate password, ( although I am told it is a bit of an arms race with cracking programmes vs new versions of acrobat in this regard)
 
I know that IOS 6 now gives you some pretty good ways of locking iPads down , and with "guided access" it is possible to lock out certain parts of the screen in specific applications, 

I imagine that Android may also have similar controls available.



3873 posts

Uber Geek
+1 received by user: 159


  Reply # 705766 24-Oct-2012 15:59
Send private message

20 years ago Ericsson published the service manuals for the BCS150 on brown paper. Made them really hard to read, hard to use, but a great challenge to copy.

The resulting BCS150 service manual copies were even harder to use, but still usable.

http://puu.sh/1i5JI - yip, I hit shift-ctrl-2 and screen printed this post, as I was typing it to a public web site.

In my view your client needs to sit down and have a real think about this.

They could choose to invest in making life hard for their service guys or market the whole package of their business and win loyalty from their staff.







Promote New Zealand - Get yourself a .kiwi.nz domain name!!!

Check out mine - i.am.a.can.do.kiwi.nz - don@i.am.a.can.do.kiwi.nz


 
 
 
 


BDFL - Memuneh
58928 posts

Uber Geek
+1 received by user: 10296

Administrator
Trusted
Geekzone
Subscriber

  Reply # 705770 24-Oct-2012 16:10
Send private message

Your client will need to push out a solution to manage devices that connect to the network. Even if it's a tablet or smartphone it must be controlled by the management solution that will push security policies - or should not allowed to connect at all.

This is how BYOD is. People will have to deal with it.




gzt

9070 posts

Uber Geek
+1 received by user: 1245


  Reply # 705794 24-Oct-2012 16:37
Send private message

Assuming they have a Windows server already - remote desktop / terminal services is easily the best way to deal with this set of issues.

RDP clients are also available for Android. You may need to evaluate several before selecting the best for your platform.

3873 posts

Uber Geek
+1 received by user: 159


  Reply # 705827 24-Oct-2012 17:47
Send private message

gzt: Assuming they have a Windows server already - remote desktop / terminal services is easily the best way to deal with this set of issues.

RDP clients are also available for Android. You may need to evaluate several before selecting the best for your platform.


What's the operational cost of that for say 3 techs over a month?

What does the tech do if they're servicing something where their xPad can't get good 3G coverage?





Promote New Zealand - Get yourself a .kiwi.nz domain name!!!

Check out mine - i.am.a.can.do.kiwi.nz - don@i.am.a.can.do.kiwi.nz


gzt

9070 posts

Uber Geek
+1 received by user: 1245


  Reply # 705842 24-Oct-2012 18:32
Send private message

Good forward thinking, but read the requirements.

Fully Operational
3343 posts

Uber Geek
+1 received by user: 1088

Trusted
Vocus
Subscriber

  Reply # 705855 24-Oct-2012 18:47
Send private message

My 2c

This seems like an attempt at applying a technical solution to a human resources/legal problem.

My experience is these rarely achieve the ends they set out to achieve, and always inconvenience (read COST) everyone in the process.

I would advise the client to lawyer up and sue the people and companies who have stolen data, get his current staff to sign NDAs, and carry on.

137 posts

Master Geek
+1 received by user: 22


  Reply # 705860 24-Oct-2012 18:56
Send private message

ubergeeknz: My 2c

This seems like an attempt at applying a technical solution to a human resources/legal problem.

My experience is these rarely achieve the ends they set out to achieve, and always inconvenience (read COST) everyone in the process.

I would advise the client to lawyer up and sue the people and companies who have stolen data, get his current staff to sign NDAs, and carry on.


I have to agree with this, people will throw huge amounts of money at a security solution and overlook the simple human factor, if the pdf documents can be viewed they can be recorded, hell if I encounter a document with so many restrictions on it, i might just take a screen shot using good ol fashioned camera phone...

at the end of the day, while a technology solution might exist with rights management software etc, at the end of the day this is a human issue, not a technology issue.



3084 posts

Uber Geek
+1 received by user: 509

Trusted

  Reply # 705923 24-Oct-2012 20:54
Send private message

gzt: Assuming they have a Windows server already - remote desktop / terminal services is easily the best way to deal with this set of issues.

RDP clients are also available for Android. You may need to evaluate several before selecting the best for your platform.


We did some thinking and testing this afternoon, and came across the same answer also using the 2x client for android, and chose the Samsung galaxy note as the tablet of choice to issue to the technicians.

They currently use eee pc laptops and t-sticks to connect to the terminal server and access a restricted desktop environment that only allows them email via outlook so with the tablets, they can use active sync and access their calendar and email directly on the device.

Going forward, their terminal server environment will be modified so they dont use it for outlook anymore, they just have access to the pdf folder via a simple explorer window and nothing else - with client drive mapping disabled.

Outside the office it may be a little slow, but its still very usable for the black and white drawings that they look up. Also found changing the size of the scroll bars in the windows theme settings made it so they didnt have to use the 2x mouse - touching the tablet was quite adequate even for fat fingers.




Ray Taylor
Taylor Broadband (rural hawkes bay)
www.ruralkiwi.com

There is no place like localhost
For my general guide to extending your wireless network Click Here




Filter this topic showing only the reply marked as answer Create new topic



Twitter »

Follow us to receive Twitter updates when new discussions are posted in our forums:



Follow us to receive Twitter updates when news items and blogs are posted in our frontpage:



Follow us to receive Twitter updates when tech item prices are listed in our price comparison site:





News »

Vodafone TV — television in the cloud
Posted 17-Oct-2017 19:29


Nokia 8 review: Classy midrange pure Android phone
Posted 16-Oct-2017 07:27


Why carriers might want to embrace Commerce Commission study, MVNOs
Posted 13-Oct-2017 09:42


Fitbit launches Ionic, its health and fitness smartwatch
Posted 12-Oct-2017 15:52


Xero launches machine learning automation to improve coding accuracy for small businesses
Posted 12-Oct-2017 15:45


Bank of New Zealand uses Intel AI to detect financial crime
Posted 12-Oct-2017 15:39


Sony launches Xperia XZ1, a smartphone with real-time 3D capture
Posted 11-Oct-2017 10:26


Notes on Nokia’s phone comeback
Posted 10-Oct-2017 10:06


Air New Zealand begins Inflight Wi-Fi rollout
Posted 9-Oct-2017 20:16


The latest mobile phones in perspective
Posted 9-Oct-2017 18:34


Review: Acronis True Image 2018 — serious backup
Posted 8-Oct-2017 11:22


Lenovo launches ThinkPad Anniversary Edition 25
Posted 7-Oct-2017 23:16


Less fone, more tech as Vodafone gets brand make-over
Posted 6-Oct-2017 08:16


API Talent Achieves AWS MSP Partner Status
Posted 5-Oct-2017 21:20


Stellar Consulting Group now a Domo Partner
Posted 5-Oct-2017 21:03



Geekzone Live »

Try automatic live updates from Geekzone directly in your browser, without refreshing the page, with Geekzone Live now.



Are you subscribed to our RSS feed? You can download the latest headlines and summaries from our stories directly to your computer or smartphone by using a feed reader.

Alternatively, you can receive a daily email with Geekzone updates.