Results 1 to 10 of 13

Thread: Pointsec® for PC

Hybrid View

  1. #1
    I'd rather be fishing DjM's Avatar
    Join Date
    Aug 2001
    Location
    The Great White North
    Posts
    1,867

    Pointsec® for PC

    I am wondering if anyone here has used or even heard of a product called Pointsec® for PC . I met with the sales guys a few months ago and got the "our system is unbreakable" story. Whenever I hear those words I tend to tune out for the rest of the meeting. Anyways, My CIO is invoking the 'Golden Rule' (he who has the gold makes the rules), and has asked me to bring in a copy and test it out.

    Pointsec's award winning enterprise security product, Pointsec® for PC, ensures that the intellectual property stored on your laptops and desktops remains private and secure.
    If anyone has got any experience or comments about the product, I'd sure like to hear it.

    Thanks
    Cheers:
    DjM

  2. #2

  3. #3
    Senior Member nihil's Avatar
    Join Date
    Jul 2003
    Location
    United Kingdom: Bridlington
    Posts
    17,188
    Hmmm,

    I have never used the product but it does seem rather "snakeoilish" in its promotional statement. If you are keeping seriously sensitive/valuable "intellectual property" on desktops and laptops you don't need Pointsec, you need to take a long hard look at your security model.

    You should NOT have anything sensitive on a laptop............won't anybody learn from the Department of Veteran's Affairs, Japan's DoD and British MI5?

    The first move has to be a risk assessment exercise?...............like exactly what are you trying to protect, how desirable is it, and to whom, how valuable is it, how marketable is it and so on.......................

    You don't say, but I would imagine that you are mainly looking to secure laptops?

    I must say that my approach is to lean towards layered security:

    1. Power up password on an EEPROM chip.
    2. Operating System Password.
    3. Hard Drive Password (very difficult to circumvent).
    4. Drive encryption.
    5. Network logon password.
    6. Windows network/user security........particularly access and authority.

    The real question is exactly what have you got worth stealing, and what would stop a determined individual/organisation from either infiltrating you or bribing/coercing an employee?

    Just a few thoughts

  4. #4
    AO Senior Cow-beller
    Moderator
    zencoder's Avatar
    Join Date
    Dec 2004
    Location
    Mountain standard tribe.
    Posts
    1,177

    Talking

    Quote Originally Posted by nihil
    Hmmm,

    I have never used the product but it does seem rather "snakeoilish" in its promotional statement. If you are keeping seriously sensitive/valuable "intellectual property" on desktops and laptops you don't need Pointsec, you need to take a long hard look at your security model.

    You should NOT have anything sensitive on a laptop............won't anybody learn from the Department of Veteran's Affairs, Japan's DoD and British MI5?
    Oh come now! How dare you suggest they do things PROPERLY!

    Hey Jonn-o, long time no see.

    I've heard of Pointsec and seen it compared to several other whole-drive/removable-device/all-encompasing enterprise protection/encryption schemes (how appropriate, the word "scheme").

    These vendors sell a "silver bullet solution" to these problems, when the problem/opportunity/solution is actually founded in user behavior and corporate/agency policy. Unfortunately (or fortunately, depending on which vendor you are), the way things have gone with the data disclosures and devices thefts in the last 18 months, it's probably better to consider a laptop as a simple thin-client front end for initiating the VPN tunnel into the protected fortress. It's a simple fact that if your data walks out the door (in any format), your odd's of being splashed on the main page of BBC or CNN just rose drastically.

    So this may make your manager happy, but I doubt it will actually improve your security posture significantly. If you build it, they will come (and break it). "They" being your users. "Every day, man is making bigger and better fool-proof things, and every day, nature is making bigger and better fools." -- Albert Einstein

    Anything that leaves the logio-physical perimeter of your (organizations) direct technical control is at higher risk of theft, accidental loss, and potential disclosure, and no amount of fancy software, hardware, schemas, and sales hullubaloo is going to change that.

    And with that, I'm gone for another 3 months! Haha, no, I'll try to hang around more.
    "Data is not necessarily information. Information does not necessarily lead to knowledge. And knowledge is not always sufficient to discover truth and breed wisdom." --Spaf
    Anyone who is capable of getting themselves made president should on no account be allowed to do the job. --Douglas Adams (1952-2001)
    "...people find it far easier to forgive others for being wrong than being right." - Albus Percival Wulfric Brian Dumbledore

  5. #5
    I'd rather be fishing DjM's Avatar
    Join Date
    Aug 2001
    Location
    The Great White North
    Posts
    1,867
    Quote Originally Posted by zencoder
    Oh come now! How dare you suggest they do things PROPERLY!

    Hey Jonn-o, long time no see.

    I've heard of Pointsec and seen it compared to several other whole-drive/removable-device/all-encompasing enterprise protection/encryption schemes (how appropriate, the word "scheme").

    These vendors sell a "silver bullet solution" to these problems, when the problem/opportunity/solution is actually founded in user behavior and corporate/agency policy. Unfortunately (or fortunately, depending on which vendor you are), the way things have gone with the data disclosures and devices thefts in the last 18 months, it's probably better to consider a laptop as a simple thin-client front end for initiating the VPN tunnel into the protected fortress. It's a simple fact that if your data walks out the door (in any format), your odd's of being splashed on the main page of BBC or CNN just rose drastically.

    So this may make your manager happy, but I doubt it will actually improve your security posture significantly. If you build it, they will come (and break it). "They" being your users. "Every day, man is making bigger and better fool-proof things, and every day, nature is making bigger and better fools." -- Albert Einstein

    Anything that leaves the logio-physical perimeter of your (organizations) direct technical control is at higher risk of theft, accidental loss, and potential disclosure, and no amount of fancy software, hardware, schemas, and sales hullubaloo is going to change that.

    And with that, I'm gone for another 3 months! Haha, no, I'll try to hang around more.
    Thanks for the input Zen and nihil, I don't disagree with either of you. Sometimes there is just not a technical solution to a management problem. That said, I am getting more and more pressure as the data theft cases hit the head lines. At this point if they want to spend the money (it ain't cheap) I'll figure some way to implement it.

    Cheers:
    DjM

  6. #6
    Senior Member nihil's Avatar
    Join Date
    Jul 2003
    Location
    United Kingdom: Bridlington
    Posts
    17,188
    DjM................."it ain't cheap"..............so they figure how to implement it

    I would still look at a composite solution along the lines I enumerated.

  7. #7
    AO Senior Cow-beller
    Moderator
    zencoder's Avatar
    Join Date
    Dec 2004
    Location
    Mountain standard tribe.
    Posts
    1,177
    Quote Originally Posted by DjM
    Thanks for the input Zen and nihil, I don't disagree with either of you. Sometimes there is just not a technical solution to a management problem. That said, I am getting more and more pressure as the data theft cases hit the head lines. At this point if they want to spend the money (it ain't cheap) I'll figure some way to implement it.

    Cheers:
    It's not an easy position you are in. Fortunately, the burden is taken off of you if this boss-manager-person says "Here is the budget, you will implement product X".

    I would mention the underlying problems, evangelize that while this solution may be a step in the right direction, it is NOT going to remove the risk or liability, and be vocal of your point but supportive of the change.
    "Data is not necessarily information. Information does not necessarily lead to knowledge. And knowledge is not always sufficient to discover truth and breed wisdom." --Spaf
    Anyone who is capable of getting themselves made president should on no account be allowed to do the job. --Douglas Adams (1952-2001)
    "...people find it far easier to forgive others for being wrong than being right." - Albus Percival Wulfric Brian Dumbledore

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •