l i n u x - u s e r s - g r o u p - o f - d a v i s
L U G O D
 
Next Meeting:
December 2: Social gathering
Next Installfest:
TBD
Latest News:
Nov. 18: Club officer elections
Page last updated:
2009 Dec 18 06:26

The following is an archive of a post made to our 'vox-tech mailing list' by one of its subscribers.

Report this post as spam:

(Enter your email address)
Re: [vox-tech] Legal Ethics Tech Question
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [vox-tech] Legal Ethics Tech Question



Tony Cratz wrote:
> Bob Scofield wrote:
>> I've got a dual boot laptop, but I have to use Windows for my legal work.  
>> Supposedly Windows XP has a firewall, though I've never used it.  But note 
>> that the opinion talks about having to use both a firewall and an encryption 
>> device.  So what is an "encryption device" that I can use to comply with the 
>> ethics opinion when I am using Windows Internet Explorer to connect to the 
>> web?  
> 
> 
> 	Windows firewalls are not secure. You can use other software to
> 	help be a more secure firewall. This will help to reduce the
> 	number of people who can break into your laptop as you are
> 	connected to the Internet.
> 
> 	Next I have a question, what are you using the Internet for when
> 	you are using a public WiFi connection? Or you using it to for
> 	surfing public records? Or are you using it to connect to non
> 	public web servers?
> 
> 	Second question is are you accessing your work desktop via
> 	the Internet?
> 
> 	If you are doing either of these you could be putting your
> 	clients case in question.
> 
> 	If you are connecting to your desktop (which you really should
> 	not) you must use a VPN system which supports high security
> 	by encrypting the data as it is being transfered.
> 
> 	Even if you are not accessing your desktop but are just surfing
> 	public web sites, you should be using something like TrueCrypt
> 	to encrypt your clients data on your laptop. Thus keeping it
> 	more secure when your firewall is breached.
> 
> 	In fact, why aren't you using something like TrueCrypt to store
> 	your work data on your laptop. Anyone who can gain physical
> 	access to your laptop can break into it by bypassing the
> 	password. The information on how to do so is on the web with
> 	a simple Google search.
> 
> 	If you are not currently using some form of encryption for
> 	your client records are you are at risk of
> <quote>
> violating his duties of confidentiality and competence ....
> </quote>
> 
> 							Tony
>
Ah yes, local encryption of important files would be good too. For this
there are software and hardware solutions. Note this also applies to
data stored on usb or external harddrives. You may remember some recent
Federal scandals where agency employees took home unencrypted hard
drives that were then stolen...

Make sure to use good passwords when setting up stuff like this and in
the case of things like VPN you can also use public/private keys so you
don't have to type the password, but rather an encrypted file handles
the authentication for you.

http://en.wikipedia.org/wiki/Password_strength#Guidelines_for_strong_passwords

Alex



_______________________________________________
vox-tech mailing list
vox-tech@lists.lugod.org
http://lists.lugod.org/mailman/listinfo/vox-tech



LinkedIn
LUGOD Group on LinkedIn
Sign up for LUGOD event announcements
Your email address:
facebook
LUGOD Group on Facebook
'Like' LUGOD on Facebook:

Hosting provided by:
Sunset Systems
Sunset Systems offers preconfigured Linux systems, remote system administration and custom software development.

LUGOD: Linux Users' Group of Davis
PO Box 2082, Davis, CA 95617
Contact Us

LUGOD is a 501(c)7 non-profit organization
based in Davis, California
and serving the Sacramento area.
"Linux" is a trademark of Linus Torvalds.

Sponsored in part by:
EDGE Tech Corp.
For donating some give-aways for our meetings.