Sunday, July 24, 2011

INFOSEC that everyone working in IT should know

Note: this is a post I originally put on my Facebook page in 2009, but I'm slowly migrating away from FB so I'm reposting it here since it's still relevant.
-----------
Seeing as how I'm now moving on again, I think I'll offer some basic information security procedures that everyone should know. It's inevitable that you will eventually have to turn in your work equipment with little to no notice, and making sure you don't have personal information on it should be a concern from day one. Yes, storing your Gmail, Facebook, Twitter, etc. passwords in Firefox is convenient, but that's definitely not something that you want left for a stranger to compromise. Here is a setup that I have determined to be best:

1. Load VMware on your system.
2. Install a Linux distribution (I prefer CentOS) and make sure to select the encrypted partition option (use a good password too, not 1234 or some other password that takes 2 seconds to crack).

NOTE: make sure VMware is set up to keep the guest in RAM (so it doesn't use the swap).

If the host OS is Windows, do the following:
1. Install CCleaner and configure it as follows:
   a) start at startup
   b) secure deletion - DoD standard is more than enough
   c) wipe free space
2. Have Windows clear the swap file at shutdown.
3. Configure disk defragmentation to happen every night at midnight.

Now use the Linux guest to browse Gmail, Facebook, whatever personal stuff you want/need to do.

The host OS (Windows) is where you do all your strictly business-related activities (intranet, code development, etc.). As long as a key logger isn't installed, the guest OS will be secure for your personal tasks. When it's time to turn in the equipment, all that needs to be done is a quick delete of the VHD for the guest (one file). However, if you're not given any time, you'll at least know that no one will access your personal data unless they have obtained the key for your encrypted filesystem (by key logger or by watching you enter it).
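
To check that the Windows host really is set up as described, here is a small PowerShell audit. It is an added example, not part of the original post. It reads the pagefile-clearing setting and lists any VMware files in the guest's folder that hold guest memory on the host disk. The `$VmDir` path and the function names are assumptions; point the path at wherever your guest lives.

```powershell
# Added example: audit a Windows host for the settings described in the post.
# $VmDir is a hypothetical path; change it to the folder that holds your guest.
param(
    [string]$VmDir = "$env:USERPROFILE\Documents\Virtual Machines\personal"
)

function Test-PagefileClearedAtShutdown {
    # Windows overwrites the pagefile at shutdown when this value is 1.
    $key = 'HKLM:\SYSTEM\CurrentControlSet\Control\Session Manager\Memory Management'
    $prop = Get-ItemProperty -Path $key -Name ClearPageFileAtShutdown -ErrorAction SilentlyContinue
    return ($null -ne $prop -and $prop.ClearPageFileAtShutdown -eq 1)
}

function Get-GuestMemoryFile {
    param([string]$Path)
    # .vmem = guest RAM backing file, .vmss = suspend state, .vmsn = snapshot state.
    # These sit on the HOST disk, outside the guest's encrypted partition, and can
    # contain whatever was in guest memory when they were written.
    if (-not (Test-Path -LiteralPath $Path)) { return @() }
    Get-ChildItem -LiteralPath $Path -File |
        Where-Object { $_.Extension -in '.vmem', '.vmss', '.vmsn' } |
        Select-Object Name, Length, LastWriteTime
}

$report = [pscustomobject]@{
    PagefileClearedAtShutdown = Test-PagefileClearedAtShutdown
    VmFolderFound             = Test-Path -LiteralPath $VmDir
    GuestMemoryFilesOnHost    = @(Get-GuestMemoryFile -Path $VmDir)
}

$report | Format-List

if (-not $report.PagefileClearedAtShutdown) {
    Write-Warning 'The pagefile is not cleared at shutdown; paged-out data stays on disk.'
}
if ($report.GuestMemoryFilesOnHost.Count -gt 0) {
    Write-Warning 'Guest memory files exist on the host disk. Shut the guest down instead of suspending it, and include these files when wiping.'
    $report.GuestMemoryFilesOnHost | Format-Table -AutoSize
}
```

Run it with the guest powered off: anything it lists then is left over from a suspend or snapshot and needs to be wiped along with the virtual disk.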
