LinuxQuestions.org
Did you know LQ has a Linux Hardware Compatibility List?
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Security
User Name
Password
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.

Notices

Reply
 
Search this Thread
Old 07-22-2009, 03:20 AM   #1
solability
LQ Newbie
 
Registered: Jul 2009
Posts: 4

Rep: Reputation: 0
Preventing documents from leaving the office (emailing, save-as)


Hi there,

new to this forum.
We work with quite a bit of confidential information, so need a systems that prevents certain office files from leaving the office - i.e. users should be able to to edit those files, but should not be allowed to attache to email, or save on usb sticks.
Does any Linux server offer such a system?

Any hint would be greatly appreciated.
 
Old 07-22-2009, 03:45 AM   #2
karamarisan
Member
 
Registered: Jul 2009
Location: Illinois, US
Distribution: Fedora 11
Posts: 374

Rep: Reputation: 55
I can't imagine how. Think about it - if they can see the contents of a file, how can you stop them from saving a copy of it?
 
Old 08-10-2009, 04:23 AM   #3
solability
LQ Newbie
 
Registered: Jul 2009
Posts: 4

Original Poster
Rep: Reputation: 0
it is somehow possible - there's very expensive software available for windows servers that do just that - see http://www.fileopen.com or hardware, see http://shop.tstor.biz/src/mainpage.asp

wondering why nobody seems to be looking for these kind of systems in times of data protection requirments
 
Old 08-10-2009, 05:40 AM   #4
karamarisan
Member
 
Registered: Jul 2009
Location: Illinois, US
Distribution: Fedora 11
Posts: 374

Rep: Reputation: 55
Because this is a fundamentally difficult problem. Once someone has the information, if they are determined to copy it, there is no way you are going to be able to stop them. Consider - once it's open, I can take a screenshot. They add a hook so that window blacks out when you do so? Okay, I'll run VNC and then take a screenshot of that. Or I could skip all of this and just manually copy it. It's a cat-and-mouse game you can never really win.
 
Old 08-10-2009, 06:15 AM   #5
GrapefruiTgirl
Guru
 
Registered: Dec 2006
Location: underground
Distribution: Slackware64
Posts: 7,594

Rep: Reputation: 550Reputation: 550Reputation: 550Reputation: 550Reputation: 550Reputation: 550
Moved: This thread is more suitable in <Linux Security> and has been moved accordingly to help your thread/question get the exposure it deserves.

Sasha
 
Old 08-10-2009, 06:23 AM   #6
unSpawn
Moderator
 
Registered: May 2001
Posts: 27,304
Blog Entries: 54

Rep: Reputation: 2856Reputation: 2856Reputation: 2856Reputation: 2856Reputation: 2856Reputation: 2856Reputation: 2856Reputation: 2856Reputation: 2856Reputation: 2856Reputation: 2856
Quote:
Originally Posted by solability View Post
We work with quite a bit of confidential information,
Confidential business-wise how or according to which official rules and regulations?


Quote:
Originally Posted by solability View Post
so need a systems that prevents certain office files from leaving the office - i.e. users should be able to to edit those files, but should not be allowed to attache to email, or save on usb sticks. Does any Linux server offer such a system?
Does the confidential information reside on different network(s)/server(s)?
Are there separate workstations for handling confidential information?
Are these workstations stored in a locked and shielded area that is only accessable to authorized personnel?
Are these workstations locked down appropriately to avoid physical, visual and networked data transmission?
Does authorized personnel require a unique and separate code for unlocking the area?
Ditto for unlocking the workstation?
Is authorized personnel screened for the task and trained to handle confidential information?
Is authorized personnel monitored and searched on the premises?


If you answer "no" to most or all of the questions above then we are probably not talking about the kind that is bound by formal, official rules and regulations but more likely "simple" business confidentiality. For any technical implementation to work it needs to be embedded in a framework which addresses separation of data, roles and access. It is costly in setup and maintenance but without framework you have no theoretical and practical way to enforce rules, audit access and penalize offences.
 
Old 08-10-2009, 11:49 PM   #7
solability
LQ Newbie
 
Registered: Jul 2009
Posts: 4

Original Poster
Rep: Reputation: 0
Thanks for all the replies.

It is kind of cat and mouse. However, if you have to take individual screen-shots with a third-party tool of, say, 100 individual powerpoint slides and then copy-paste them into a new document rather than being able to email the whole document, that does make a difference.
In addition, we are working with excel tools, whose background functions and calculation models are not visible to the user and cannot be copied through screenshots. But if a user is able to email the excel, the tools can leave the office and could be transmitted to our competitiors.

We are currently working with a Korean windows 2003-based system called TstoreSS, that more or less what we want, but not really happy with it. And it's windows-based only at this point in time.

Last edited by solability; 08-10-2009 at 11:56 PM.
 
Old 08-10-2009, 11:50 PM   #8
solability
LQ Newbie
 
Registered: Jul 2009
Posts: 4

Original Poster
Rep: Reputation: 0
English webiste http://www.tstor.biz/eng/
 
  


Reply

Tags
file, security, server


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Wordpad in Windows 7 beta will save documents in Open Document Format. mjolnir General 1 01-18-2009 07:10 PM
Opening Office 2007 documents abhi_69 Linux - Newbie 4 08-13-2008 12:09 PM
Open Office 2 corrupting documents eccles42 Linux - Software 2 08-03-2006 08:05 AM
Problem accessing open office documents over samba share jonic Linux - Software 0 11-18-2005 10:46 AM
Microsoft Office documents support (what office suite is better?) whiteunicorn Linux - Enterprise 1 12-08-2004 02:30 AM


All times are GMT -5. The time now is 03:16 PM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration