Ask HN: How do you prevent data leaks?
at pretty much every job i've been at, we've had Linux Servers that we ssh into.
these linux servers have customer data on them, builds, code, business critical shit.
if i were a malicious individual, i could easily just rm -rf important files, scp important customer data out to my home computer. or use dropbox to sync some critical business data into the cloud... or casually peruse customer data and take advantage of it. and there would be no evidence that i did anything at all.
obviously, it's not possible to handle this from the networking side. SSH is encrypted, and any network level scans would just see a bunch of bits flowing between the server and me.
is there some solution to prevent this kind of linux data leak from happening? is it normal in companies for anyone to be able to just log on to servers, do whatever they want, without any kind of auditing or recording or tracking whatsoever?
i'm curious, with data leaks like the ashley madison one... did they ever find the perpetrator? does anyone even care about securing data....?
what does your company do to prevent data leaks?
6 comments
[ 14.6 ms ] story [ 711 ms ] threadAccess to outside SSH is a big no-no. Access to outside file sharing (DropBox et al) is a liability unless explicitly required for performing job functions.
I've worked with a brilliant security mind (no irony here) who wanted to go as far as provide employees with remote desktop environments only, which were to run in a fully controlled environment. This removes attack vectors such as USB drives, computer theft, and so on. The proposal never flew, but the idea has merit and is thought-provoking in its own right.
You bring up remote desktop environments... its actually a good point... similar to what VM's on AWS are.
If the access point (SSH) is locked down and recorded, doesn't that pretty much remove any possibility of employees leaking stuff?
knowing that they are being recorded is a pretty big deterrent to leaking data right?
Relying on surveillance is folly; simply lock down access and remove privileges that aren't necessary. This is something you do once and never have to think about again, unless some event warrants a review. Thankfully such reviews can be triggered by normal business activity: new project, new employee, new team, new vendor product, etc.
i think theres still a use for surveillance. just my opinion.
then again. im paranoid. i want the fort knox of data.
they are constantly SSH'd running jobs on the data, using different tools to understand their data.
i think SSH will always exist going forward, and we won't be able to automate everything.
any other thoughts on how to prevent data leaks?