Greetings all,
Given the new threats and the change in policy with the airlines and traveling in and around the UK, has anyone changed their laptop and portable computing device policy? We are being questioned about the safety of executives traveling with their laptops.
Thank You,
Michael Cullen
Global Security, Universal Music Group
818 286-5473 (w) | 818 919-6974 ©
UMG GSO Michael (aim) | UMG.GSO.Michael (gtalk) | michael.cullen@umusic.com (msn)
The information contained in this message may be privileged and confidential and protected from disclosure. If the reader of this message is not the intended recipient, or an employee or agent responsible for delivering this message to the intended recipient, you are hereby notified that it is strictly prohibited (a) to disseminate, distribute or copy this communication or any of the information contained in it, or (b) to take any action based on the information in it. If you have received this communication in error, please notify us immediately by replying to the message and deleting it from your computer**.**
Are laptops being questioned now in the UK when going through
security? I would assume that they are probably wiping every laptop
and doing the explosive check that they do...
-Mike
> Given the new threats and the change in policy with the airlines and
> traveling in and around the UK, has anyone changed their laptop and portable
> computing device policy? We are being questioned about the safety of
> executives traveling with their laptops.
>
> Michael Cullen
>
> Global Security, Universal Music Group
>
> 818 286-5473 (w) | 818 919-6974 (c)
>
> UMG GSO Michael (aim) | UMG.GSO.Michael (gtalk) | michael.cullen@umusic.com
> (msn)
For me, i think there are two items that jump out:
1. durability of the case of a laptop being checked baggage vs.
carryon if indeed we now have to check bags on certain/all flights...
2. with regard to safety of laptops, if you mean that exec's are
targets of robberies, than this further lends value i suspect of
keeping everything on the network and having passwords to reach the
network from the laptop, etc.... Nothing on the laptop but pics of
the kids and mp3's. all downloaded legally of course... secure
computing/safeword/etc.. to reach your remote files would seem like a
good idea...
peter
you have sent a message to me which seems to contain a legal
warning on who can read it, or how it may be distributed, or
whether it may be archived, etc.
i do not accept such email. my mail user agent detected a legal
notice when i was opening your mail, and automatically deleted it.
so do not expect further response.
yes, i know your mail environment automatically added the legal
notice. well, my mail environment automatically detected it,
deleted it, and sent this message to you. so don't expect a lot
of sympathy.
and if you choose to work for some enterprise clueless enough to
think that they can force this silliness on the world, use gmail,
hotmail, ...
randy
randy, why not invite the new/etc... guy who probably never posted
before to come to a nanog instead of being so mean to the poor guy?
you have sent a message to me which seems to contain a legal
warning on who can read it, or how it may be distributed, or
...
apologies to all. i hacked my .vm and .procmailrc [0] last night,
and mashed elsewhere meaning my message went to list as opposed to
just the sender of the silliness.
randy
[0] - to repent, here is an interesting .procmailrc hack to reduce
backscatter. credit goes to rob austein for the equivalent
maildrop hack from which i stole
:
* ^(From:.*(postmaster|mailer[\- ]daemon)|Return-Path:.*<>)
{
:B
* !^Message-ID:.*@.*(psg|iij|bogus)\.com
$TRASH
}
I think the issue is more to do with theft by dodgy baggage handlers (or randy if he sees a disclaimer notice on the laptop case in which case he'd throw it in the trash and ask the airport concierge to make an announceent about it over the airport PA system ;)). If you have data that is so sensitive then in theory you should already have a security platform (encryption etc) on the laptop as you are just as likely to get mugged in the street as you are to get your luggage stolen. One thing that I know for some smaller companies is that their disaster recovery plans may need reviewing in light of this policy.
Regards,
Neil
Of course take precautions with leaving files on the network, and
using "secure" remote access to those files, but I don't necessarily
trust most users to not keep some sort of sensitive data on local
disk, so we started rolling out PGP whole disk encryption...
Chris
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Peter Cohen wrote:
2. with regard to safety of laptops, if you mean that exec's are
targets of robberies, than this further lends value i suspect of
keeping everything on the network and having passwords to reach the
network from the laptop, etc.... Nothing on the laptop but pics of
the kids and mp3's. all downloaded legally of course... secure
computing/safeword/etc.. to reach your remote files would seem like a
good idea...
That sounds like good advise, however being the sibling of a former
executive from the same company as the OP, I don't think that advice
would, er... fly (bad pun). The problem isn't securing the data, it's
educating the user... and that can't be done in the time between today
and the next executives flight. Laptop security really sucks these
days... this is certainly an area for a lot more focused thought. One
could easily spend less than $1000 paying off baggage handlers to
side-track laptops, boot them one time from a CD containing a rootkit
installer, and put them on the original or next flight. Which exec
would ever know what happened?
- -Jim P.
In article <1b5c1c150608110937m452ce532y70a4eb69d0f6af7c@mail.gmail.com>, Mike Lyon <mike.lyon@gmail.com> writes
Are laptops being questioned now in the UK when going through
security? I would assume that they are probably wiping every laptop
and doing the explosive check that they do...
No, in the UK they aren't checking laptops, they are insisting they all go in the hold. And to answer another question: That includes Disk drives and memory cards (and all other electrical items).
The UK's objective is mainly having a very short list of what's allowed, to speed up searching at security by reducing the quantity of items.
Plus "liquids", even when purchased inside the airport, being added to a blacklist for Transatlantic flights *both* ways.
You may find more scrutiny of electrical items if your travel originates outside the UK, but the main issue here is the complete ban, outbound.
Given the new threats and the change in policy with the airlines and
traveling in and around the UK, has anyone changed their laptop and
portable computing device policy? We are being questioned about the
safety of executives traveling with their laptops.
You have just lost a valuable shield and weapon!
No longer will you have an almost closed laptop lid to tuck your fingers
under while parrying box-cutter thrusts with the base of the laptop used as
a shield.
And no more ULTIMATE frisbee with rectangular corners or hand held blunt
hatchet to crunch holes in a hijacker's skull.
And viewing it as a more civilized weapon, you have now been deprived of the
means to play for your seat row-mate's enlightenment any of the myriad of
9/11 DVDs, that an ever growing hoard will proclaim prove 9/11 could not
possibly have been done by those we have been told did it, or, even better,
some of which present compelling arguments that 9/11 was the much desired
and occasionally mentioned "2nd Pearl Harbor" to be orchestrated to forward
various non publicised but very domestic agendas.
I suspect dumb thin clients are in many of our futures. Rental shops or
company branch offices will be well stocked with inexpensive units and
whatever you need to run boots up from a DVD or USB thumb drive. It is hard
to leave anything sensitive on a machine that has no hard drive.
Pity the folks gearing up to sell internet access on flights. Perhaps per
seat video screens double as thin client monitors. Watch the business grow
of the first airline offering such service.
Or we will have to wait until the next president, if we are even allowed to
have elections under marshall law after a 9/11 jumbo-REDUX someone we should
hope is protecting us might even be working on right now.
The single biggest thing that is bypassing a feckless or even "owned" press
is the internet, and our job is to keep it as free and as open as possible.
Given that business executives need their laptops, and that they
largely fly commercial across the Atlantic, I suspect that any
ban on laptops will not last long.
Regards
Marshall