Geekzone: technology news, blogs, forums
Guest
Welcome Guest.
You haven't logged in yet. If you don't have an account you can register now.




3094 posts

Uber Geek
+1 received by user: 510

Trusted

Topic # 111113 24-Oct-2012 15:28
Send private message

I have a client - A Dishwasher / Oven / Appliance repair company that has had issues with dishonest staff in the past stealing sensitive commercial information.

They asked me if they could give access to a directory of pdf's on their server to a bunch of tablets, but prevent those files from being copied to the tablet itself or to the sd card / dropbox or any other storage medium?

I was thinking sure - a windows share accessible only over their office wifi network, but how would we prevent them from copying those pdf's to the tablet itself or micro sd card and taking them to the competition.

Any ideas?

Am thinking they may just need to give repair technicians access on a case-by-case basis to pdf's as they need them so they cant get bulk access - so it would take years to collect a couple of hundered from the thousands of pdf files they have sitting on their file server.




Ray Taylor
Taylor Broadband (rural hawkes bay)
www.ruralkiwi.com

There is no place like localhost
For my general guide to extending your wireless network Click Here




Filter this topic showing only the reply marked as answer Create new topic
2708 posts

Uber Geek
+1 received by user: 554


  Reply # 705755 24-Oct-2012 15:42
Send private message

The short answer is probably yes, 

As well as restricting the shared drive, You could also lock up the PDFs by making them unprintable and unreadable without the appropriate password, ( although I am told it is a bit of an arms race with cracking programmes vs new versions of acrobat in this regard)
 
I know that IOS 6 now gives you some pretty good ways of locking iPads down , and with "guided access" it is possible to lock out certain parts of the screen in specific applications, 

I imagine that Android may also have similar controls available.



3885 posts

Uber Geek
+1 received by user: 161


  Reply # 705766 24-Oct-2012 15:59
Send private message

20 years ago Ericsson published the service manuals for the BCS150 on brown paper. Made them really hard to read, hard to use, but a great challenge to copy.

The resulting BCS150 service manual copies were even harder to use, but still usable.

http://puu.sh/1i5JI - yip, I hit shift-ctrl-2 and screen printed this post, as I was typing it to a public web site.

In my view your client needs to sit down and have a real think about this.

They could choose to invest in making life hard for their service guys or market the whole package of their business and win loyalty from their staff.







Promote New Zealand - Get yourself a .kiwi.nz domain name!!!

Check out mine - i.am.a.can.do.kiwi.nz - don@i.am.a.can.do.kiwi.nz


 
 
 
 


BDFL - Memuneh
59168 posts

Uber Geek
+1 received by user: 10408

Administrator
Trusted
Geekzone
Subscriber

  Reply # 705770 24-Oct-2012 16:10
Send private message

Your client will need to push out a solution to manage devices that connect to the network. Even if it's a tablet or smartphone it must be controlled by the management solution that will push security policies - or should not allowed to connect at all.

This is how BYOD is. People will have to deal with it.




gzt

9158 posts

Uber Geek
+1 received by user: 1290


  Reply # 705794 24-Oct-2012 16:37
Send private message

Assuming they have a Windows server already - remote desktop / terminal services is easily the best way to deal with this set of issues.

RDP clients are also available for Android. You may need to evaluate several before selecting the best for your platform.

3885 posts

Uber Geek
+1 received by user: 161


  Reply # 705827 24-Oct-2012 17:47
Send private message

gzt: Assuming they have a Windows server already - remote desktop / terminal services is easily the best way to deal with this set of issues.

RDP clients are also available for Android. You may need to evaluate several before selecting the best for your platform.


What's the operational cost of that for say 3 techs over a month?

What does the tech do if they're servicing something where their xPad can't get good 3G coverage?





Promote New Zealand - Get yourself a .kiwi.nz domain name!!!

Check out mine - i.am.a.can.do.kiwi.nz - don@i.am.a.can.do.kiwi.nz


gzt

9158 posts

Uber Geek
+1 received by user: 1290


  Reply # 705842 24-Oct-2012 18:32
Send private message

Good forward thinking, but read the requirements.

Fully Operational
3343 posts

Uber Geek
+1 received by user: 1088

Trusted
Vocus
Subscriber

  Reply # 705855 24-Oct-2012 18:47
Send private message

My 2c

This seems like an attempt at applying a technical solution to a human resources/legal problem.

My experience is these rarely achieve the ends they set out to achieve, and always inconvenience (read COST) everyone in the process.

I would advise the client to lawyer up and sue the people and companies who have stolen data, get his current staff to sign NDAs, and carry on.

137 posts

Master Geek
+1 received by user: 22


  Reply # 705860 24-Oct-2012 18:56
Send private message

ubergeeknz: My 2c

This seems like an attempt at applying a technical solution to a human resources/legal problem.

My experience is these rarely achieve the ends they set out to achieve, and always inconvenience (read COST) everyone in the process.

I would advise the client to lawyer up and sue the people and companies who have stolen data, get his current staff to sign NDAs, and carry on.


I have to agree with this, people will throw huge amounts of money at a security solution and overlook the simple human factor, if the pdf documents can be viewed they can be recorded, hell if I encounter a document with so many restrictions on it, i might just take a screen shot using good ol fashioned camera phone...

at the end of the day, while a technology solution might exist with rights management software etc, at the end of the day this is a human issue, not a technology issue.



3094 posts

Uber Geek
+1 received by user: 510

Trusted

  Reply # 705923 24-Oct-2012 20:54
Send private message

gzt: Assuming they have a Windows server already - remote desktop / terminal services is easily the best way to deal with this set of issues.

RDP clients are also available for Android. You may need to evaluate several before selecting the best for your platform.


We did some thinking and testing this afternoon, and came across the same answer also using the 2x client for android, and chose the Samsung galaxy note as the tablet of choice to issue to the technicians.

They currently use eee pc laptops and t-sticks to connect to the terminal server and access a restricted desktop environment that only allows them email via outlook so with the tablets, they can use active sync and access their calendar and email directly on the device.

Going forward, their terminal server environment will be modified so they dont use it for outlook anymore, they just have access to the pdf folder via a simple explorer window and nothing else - with client drive mapping disabled.

Outside the office it may be a little slow, but its still very usable for the black and white drawings that they look up. Also found changing the size of the scroll bars in the windows theme settings made it so they didnt have to use the 2x mouse - touching the tablet was quite adequate even for fat fingers.




Ray Taylor
Taylor Broadband (rural hawkes bay)
www.ruralkiwi.com

There is no place like localhost
For my general guide to extending your wireless network Click Here




Filter this topic showing only the reply marked as answer Create new topic



Twitter »

Follow us to receive Twitter updates when new discussions are posted in our forums:



Follow us to receive Twitter updates when news items and blogs are posted in our frontpage:



Follow us to receive Twitter updates when tech item prices are listed in our price comparison site:





News »

UFB connections pass 460,000
Posted 11-Dec-2017 11:26


The Warehouse Group to adopt IBM Cloud to support digital transformation
Posted 11-Dec-2017 11:22


Dimension Data peeks into digital business 2018
Posted 11-Dec-2017 10:55


2018 Cyber Security Predictions
Posted 7-Dec-2017 14:55


Global Govtech Accelerator to drive public sector innovation in Wellington
Posted 7-Dec-2017 11:21


Stuff Pix media strategy a new direction
Posted 7-Dec-2017 09:37


Digital transformation is dead
Posted 7-Dec-2017 09:31


Fake news and cyber security
Posted 7-Dec-2017 09:27


Dimension Data New Zealand strengthens cybersecurity practice
Posted 5-Dec-2017 20:27


Epson NZ launches new Expression Premium Photo range
Posted 5-Dec-2017 20:26


Eventbrite and Twickets launch integration partnership in Australia and New Zealand
Posted 5-Dec-2017 20:23


New Fujifilm macro lens lands in New Zealand
Posted 5-Dec-2017 20:16


Cyber security not being taken seriously enough
Posted 5-Dec-2017 20:13


Sony commences Android 8.0 Oreo rollout in New Zealand
Posted 5-Dec-2017 20:08


Revera partners with Nyriad to deliver blockchain pilot to NZ Government
Posted 5-Dec-2017 20:01



Geekzone Live »

Try automatic live updates from Geekzone directly in your browser, without refreshing the page, with Geekzone Live now.



Are you subscribed to our RSS feed? You can download the latest headlines and summaries from our stories directly to your computer or smartphone by using a feed reader.

Alternatively, you can receive a daily email with Geekzone updates.