Computer Security - tech help please!

[beanzontoast]

I have often wondered about this...

I keep work documents and charts on a data stick - nothing earth-shatteringly confidential, but not information I'd want someone outside the company to read. If I load them to work on at my pc at home, but only ever save them to the data stick, is there any way my home pc is somehow also storing the information on its hard drive anyway? From a security point of view, is this a secure enough way of working?

 

[Desert Orchid]

They will be in your Temp folder,
A folder that Windoze by default keeps hidden

 

[Carwash]

You don't want people outside the company to read these documents. Why do you feel that keeping them on a data-stick is in any way more secure than keeping them on your home PC?

 

[beanzontoast]

Carwash - have always used a data stick, partly as a backup. The data stick goes where I go basically, so in that sense, it's unlikely to be physically lost.

Desert Orchid - does the temp folder get re-written? Have visions of my home pc accumulating dozens of old work documents that I don't know are still lurking somewhere on the hard drive!

 

[Night Train]

What I do every so often is to delete my temp files.
When I first switch on my pc I search *.tmp and it will find all the temp files that are outstanding and not needed for the running of my pc. I delete them. The pc will then create more temp files as it needs them for the running of programmes.

I also search out hidden folders and remove temp copies of any files I know are not needed and empty my recycle bin.

A techie will now come along and tell me I am doing it wrong and that is why my pc breaks down.

 

[beanzontoast]

What I do every so often is to delete my temp files.
When I first switch on my pc I search *.tmp and it will find all the temp files that are outstanding and not needed for the running of my pc. I delete them. The pc will then create more temp files as it needs them for the running of programmes.

I also search out hidden folders and remove temp copies of any files I know are not needed and empty my recycle bin.

A techie will now come along and tell me I am doing it wrong and that is why my pc breaks down.

I have been told that deleting temp files doesn't actually remove them from the drive, it just removes the label that identifies them to the OS - or is this wrong? So the data is still there, even if it was only opened from/saved to the data stick and never actually saved to the hard drive?

 

[Fnaar]

I have often wondered about this...

I keep work documents and charts on a data stick - nothing earth-shatteringly confidential, but not information I'd want someone outside the company to read. If I load them to work on at my pc at home, but only ever save them to the data stick, is there any way my home pc is somehow also storing the information on its hard drive anyway? From a security point of view, is this a secure enough way of working?

I do the same, though my workplace offers a personal drive accessible from anywhere (if the pc/mac in question has a piece of software loaded...not always possible, but ok from home). Does your workplace offer you any other way of transporting data? Or does it allow you to transport data? Or does it insist that you transport data? The answer should dictate whether or not what you do is suitable; and maybe it will also tell you whether or not your workplace should provide you with/pay for a means of transporting/securing that data.

 

[Desert Orchid]

Beanzontoast, YHM

 

[domtyler]

Why not just change your temp directory to point to a directory on your USB stick once you plug it in?

To do this just open a command window and type in:

set temp=G:Temp

where G: is your USB stick. When you unplug just reverse it by typing

set temp=c:temp

 

[fossyant]

If you are taking stuff that is that confidential into work, then don't.... keep it at home.

Our PC's are locked right down, so you can't fiddle with any settings

 

[Smokin Joe]

As said, deleting things on a PC only stops them being accessed via the keyboard. Eveything that was ever stored on your hard drive remains there until it is overwritten, and on modern high capacity drives that may never happen. Programmes are freely available on the net which will allow anyone to easily access files which you think you have got rid of via the delete key.

To ensure security, you need something like Cyberscrub which will overwrite the free space on your drive, thus erasing any previously deleted files.

 

[beanzontoast]

Thanks everyone. Good to understand how it works now.

Des Orch - YHM!

dom - what a great idea! I'll give that a try too.

 

[domtyler]

To be fair, if this stuff really shouldn't be read by anyone else then you need to look at encrypting the data/documents. No matter how sure you are you can never be a hundred percent certain that you won't lose your stick or have it stolen.

 

[beanzontoast]

True - I make sure nothing really sensitive to the business is involved on my data stick: such stuff is kept secure on and off site. The 'daily' documents I'm concerned with are never of that kind, but I was just interested to know what the situation was regarding loading data from an external source ans how secure it was.

 

[Ghost Donkey]

As a general comment to everyone please don't only keep data on a memory stick. The number of staff and students where I work loosing important work this way is frightening. Memory sticks get lost easily and can be prone to physcal damage. If the hardware is damaged but not the memory part data recovery is very possible but a specialist operation and costs hundreds for a USB stick. If you work at home too you could maybe save it on your home computer and work on it there and then save it back to the stick or vice versa. Lose or damage the stick you have a recent copy. Keep a copy at work also before taking it home. If it is company data you could consider using a free program such as 7-zip to encrypt the data so if you lose it there is some protection.

I tend to use email for this kind of thing (encrypted 7-zip attachment).