Geekzone: technology news, blogs, forums
Guest
Welcome Guest.
You haven't logged in yet. If you don't have an account you can register now.




3116 posts

Uber Geek
+1 received by user: 538

Trusted

Topic # 111113 24-Oct-2012 15:28
Send private message

I have a client - A Dishwasher / Oven / Appliance repair company that has had issues with dishonest staff in the past stealing sensitive commercial information.

They asked me if they could give access to a directory of pdf's on their server to a bunch of tablets, but prevent those files from being copied to the tablet itself or to the sd card / dropbox or any other storage medium?

I was thinking sure - a windows share accessible only over their office wifi network, but how would we prevent them from copying those pdf's to the tablet itself or micro sd card and taking them to the competition.

Any ideas?

Am thinking they may just need to give repair technicians access on a case-by-case basis to pdf's as they need them so they cant get bulk access - so it would take years to collect a couple of hundered from the thousands of pdf files they have sitting on their file server.




Ray Taylor
Taylor Broadband (rural hawkes bay)
www.ruralkiwi.com

There is no place like localhost
For my general guide to extending your wireless network Click Here




Filter this topic showing only the reply marked as answer Create new topic
2850 posts

Uber Geek
+1 received by user: 627


  Reply # 705755 24-Oct-2012 15:42
Send private message

The short answer is probably yes, 

As well as restricting the shared drive, You could also lock up the PDFs by making them unprintable and unreadable without the appropriate password, ( although I am told it is a bit of an arms race with cracking programmes vs new versions of acrobat in this regard)
 
I know that IOS 6 now gives you some pretty good ways of locking iPads down , and with "guided access" it is possible to lock out certain parts of the screen in specific applications, 

I imagine that Android may also have similar controls available.



3886 posts

Uber Geek
+1 received by user: 161


  Reply # 705766 24-Oct-2012 15:59
Send private message

20 years ago Ericsson published the service manuals for the BCS150 on brown paper. Made them really hard to read, hard to use, but a great challenge to copy.

The resulting BCS150 service manual copies were even harder to use, but still usable.

http://puu.sh/1i5JI - yip, I hit shift-ctrl-2 and screen printed this post, as I was typing it to a public web site.

In my view your client needs to sit down and have a real think about this.

They could choose to invest in making life hard for their service guys or market the whole package of their business and win loyalty from their staff.







Promote New Zealand - Get yourself a .kiwi.nz domain name!!!

Check out mine - i.am.a.can.do.kiwi.nz - don@i.am.a.can.do.kiwi.nz


 
 
 
 


BDFL - Memuneh
59638 posts

Uber Geek
+1 received by user: 10784

Administrator
Trusted
Geekzone
Lifetime subscriber

  Reply # 705770 24-Oct-2012 16:10
Send private message

Your client will need to push out a solution to manage devices that connect to the network. Even if it's a tablet or smartphone it must be controlled by the management solution that will push security policies - or should not allowed to connect at all.

This is how BYOD is. People will have to deal with it.




gzt

9400 posts

Uber Geek
+1 received by user: 1365


  Reply # 705794 24-Oct-2012 16:37
Send private message

Assuming they have a Windows server already - remote desktop / terminal services is easily the best way to deal with this set of issues.

RDP clients are also available for Android. You may need to evaluate several before selecting the best for your platform.

3886 posts

Uber Geek
+1 received by user: 161


  Reply # 705827 24-Oct-2012 17:47
Send private message

gzt: Assuming they have a Windows server already - remote desktop / terminal services is easily the best way to deal with this set of issues.

RDP clients are also available for Android. You may need to evaluate several before selecting the best for your platform.


What's the operational cost of that for say 3 techs over a month?

What does the tech do if they're servicing something where their xPad can't get good 3G coverage?





Promote New Zealand - Get yourself a .kiwi.nz domain name!!!

Check out mine - i.am.a.can.do.kiwi.nz - don@i.am.a.can.do.kiwi.nz


gzt

9400 posts

Uber Geek
+1 received by user: 1365


  Reply # 705842 24-Oct-2012 18:32
Send private message

Good forward thinking, but read the requirements.

Fully Operational
3343 posts

Uber Geek
+1 received by user: 1088

Trusted
Vocus
Subscriber

  Reply # 705855 24-Oct-2012 18:47
Send private message

My 2c

This seems like an attempt at applying a technical solution to a human resources/legal problem.

My experience is these rarely achieve the ends they set out to achieve, and always inconvenience (read COST) everyone in the process.

I would advise the client to lawyer up and sue the people and companies who have stolen data, get his current staff to sign NDAs, and carry on.

137 posts

Master Geek
+1 received by user: 22


  Reply # 705860 24-Oct-2012 18:56
Send private message

ubergeeknz: My 2c

This seems like an attempt at applying a technical solution to a human resources/legal problem.

My experience is these rarely achieve the ends they set out to achieve, and always inconvenience (read COST) everyone in the process.

I would advise the client to lawyer up and sue the people and companies who have stolen data, get his current staff to sign NDAs, and carry on.


I have to agree with this, people will throw huge amounts of money at a security solution and overlook the simple human factor, if the pdf documents can be viewed they can be recorded, hell if I encounter a document with so many restrictions on it, i might just take a screen shot using good ol fashioned camera phone...

at the end of the day, while a technology solution might exist with rights management software etc, at the end of the day this is a human issue, not a technology issue.



3116 posts

Uber Geek
+1 received by user: 538

Trusted

  Reply # 705923 24-Oct-2012 20:54
Send private message

gzt: Assuming they have a Windows server already - remote desktop / terminal services is easily the best way to deal with this set of issues.

RDP clients are also available for Android. You may need to evaluate several before selecting the best for your platform.


We did some thinking and testing this afternoon, and came across the same answer also using the 2x client for android, and chose the Samsung galaxy note as the tablet of choice to issue to the technicians.

They currently use eee pc laptops and t-sticks to connect to the terminal server and access a restricted desktop environment that only allows them email via outlook so with the tablets, they can use active sync and access their calendar and email directly on the device.

Going forward, their terminal server environment will be modified so they dont use it for outlook anymore, they just have access to the pdf folder via a simple explorer window and nothing else - with client drive mapping disabled.

Outside the office it may be a little slow, but its still very usable for the black and white drawings that they look up. Also found changing the size of the scroll bars in the windows theme settings made it so they didnt have to use the 2x mouse - touching the tablet was quite adequate even for fat fingers.




Ray Taylor
Taylor Broadband (rural hawkes bay)
www.ruralkiwi.com

There is no place like localhost
For my general guide to extending your wireless network Click Here




Filter this topic showing only the reply marked as answer Create new topic



Twitter »

Follow us to receive Twitter updates when new discussions are posted in our forums:



Follow us to receive Twitter updates when news items and blogs are posted in our frontpage:



Follow us to receive Twitter updates when tech item prices are listed in our price comparison site:





News »

Samsung New Zealand introducing the Galaxy S9 and S9+
Posted 26-Feb-2018 07:00


Fujifilm X beats its best with new top of the range, high-performance camera
Posted 24-Feb-2018 14:05


One million kiwis affected by cybercrime
Posted 24-Feb-2018 13:58


New Zealanders want to engage with government online and via mobile apps
Posted 24-Feb-2018 13:56


Samsung launches Samsung Max
Posted 24-Feb-2018 13:52


CPTPP text and National Interest Analysis released for public scrutiny
Posted 21-Feb-2018 19:43


Foodstuffs to trial digitised shopping trolleys
Posted 21-Feb-2018 18:27


2018: The year of zero-login, smart cars & the biometrics of things
Posted 21-Feb-2018 18:25


Intel reimagines data centre storage with new 3D NAND SSDs
Posted 16-Feb-2018 15:21


Ground-breaking business programme begins in Hamilton
Posted 16-Feb-2018 10:18


Government to continue search for first Chief Technology Officer
Posted 12-Feb-2018 20:30


Time to take Appleā€™s iPad Pro seriously
Posted 12-Feb-2018 16:54


New Fujifilm X-A5 brings selfie features to mirrorless camera
Posted 9-Feb-2018 09:12


D-Link ANZ expands connected smart home with new HD Wi-Fi cameras
Posted 9-Feb-2018 09:01


Dragon Professional for Mac V6: Near perfect dictation
Posted 9-Feb-2018 08:26



Geekzone Live »

Try automatic live updates from Geekzone directly in your browser, without refreshing the page, with Geekzone Live now.



Are you subscribed to our RSS feed? You can download the latest headlines and summaries from our stories directly to your computer or smartphone by using a feed reader.

Alternatively, you can receive a daily email with Geekzone updates.