Prevent users from Printing, Taking files out of office and Capturing screen?

[calmman8]

Our director suspected some of our colleagues who have sold the confidential information to competitors but we lack proof. How can we prevent users from Printing, Taking files out of office and Capturing screen?

 

Thank you very much in advance for your suggestions.

[kencaz]

1) Preventing users from (physically) printing is not that hard... Network Security.

 

2) Taking of files from computers... Block Email and or Strip Search.

 

3) Preventing Screen Capture... refer to (2)

 

Really though It's very difficult to allow someone to work on sensitive files without compromising security. It's just a fact of life that can only be dealt with through legal means after the fact...

[BlackBox]

Welcome to CADTutor, and congrats on your first post!

 

Your situation is most unfortunate. Is it uncommon for employees at your place of work to plot drawings? Is there no other way for you to confront your staff as a group, and ask that they help you resolve this? Have you extended an opportunity for the potential violator to come forward?

 

In any event, I would use a command reactor (loaded silently with ACADDOC.lsp) that would fire when the command ended event occurs. Use the callback function to create a record of the action, making sure to note the date-time, loginname, command name, and document name.

 

This file must be available for write-access to the user(s), yet can be hidden, and or set to be a system file (so that the user(s) cannot see that the file is there.

 

If you wanted something to provide immediate notification, you could use the callback function to fire off an email using (vlax-get-or-create-object "Outlook.Application") to access the user's Outlook (presuming they have that installed) in order to send an email directly to the "monitoring" authority within your company. Just be sure to include the pertinent information noted above (minimum).

 

I use the automated Outlook emails frequently, when I want to query someone's AutoCAD environment, without pulling them away from production tasks. They do not experience any disruption in performance, no lag, etc.

[calmman8]

1) Preventing users from (physically) printing is not that hard... Network Security.

 

2) Taking of files from computers... Block Email and or Strip Search.

 

3) Preventing Screen Capture... refer to (2)

 

Really though It's very difficult to allow someone to work on sensitive files without compromising security. It's just a fact of life that can only be dealt with through legal means after the fact...

 

Thank you for your reply but we don't prefer blocking emails of users.We would like to take precaution so that someone works on sensitive files without external leakage.

[Organic]

Quite simply you can't really.

 

As Kencaz said, the only way would be to prevent allowing any storable media devices into the workplace. This includes mobile phones, MP3 players etc... Unless this is a high level security clearance workplace, no workplace is going to ban employees from having phones at work. The only way to be sure no one has storable media devices or files on them would be a manned security checkpoint in/out of the building. Which si not realistic.

 

You would also need to block internet access obviously. Blocking printing is possible although if they need to do drafting and print then this would be a huge pain if you had to get authorization to print.

 

At the end of the day you have to simply trust your employees. If the work is that sensitive, perhaps those employees you suspect should not be the ones working on that info.

[BlackBox]

Quite simply you can't really.

 

That is correct - you can only provide yourself a means of tracking specified activity, in the hopes of determining whom is responsible (if anyone).

[SLW210]

Thank you for your reply but we don't prefer blocking emails of users.We would like to take precaution so that someone works on sensitive files without external leakage.

 

There is the main problem, that statement is like saying you do not want water on the floor, but you refuse to install a roof. In that situation, all you can do is pray it doesn't rain. So I guess you best security measure will be "Pray no one sends out sensitive materials".

 

You can block and/or monitor email attachments, USB ports and items sent to plotters. You need to contact a security minded IT company/person. There is plenty of monitoring software out there.

[BlackBox]

Building on SLW's comments, even within AutoCAD you can implement counter-measures to help mitigate the issue(s) & concern(s). At minimum you can make it hard enough for the person to commit a violation, that the time necessary to work around your counter-measures increases their risk of being cought. Never mind the immediate notification method I use, and mentioned above.

 

... Just saying.

[Jack_O'neill]

Our director suspected some of our colleagues who have sold the confidential information to competitors but we lack proof. How can we prevent users from Printing, Taking files out of office and Capturing screen?

 

Thank you very much in advance for your suggestions.

 

10) Unplug thier computers from a power source

9) Replace their monitors with Etch-a-Sketches

8 )Fill all the usb ports with 5 minute epoxy

7) Have anyone who wants to access the network fill out a 28 page request form in triplicate for each file they want to see, which grants 90 seconds of access only to the file requested.

6) Use paper that catches fire unless being viewed under a special wavelength light source available only in your office.

5) Unscrew the trim plate from the wall where the network cable comes through, pull about an inch of cable out and clip it in two. Then stuff the ends back in the box and put the plate back on the wall.

4) Tie your network into your building security system so that anyone who accesses certain files has the fire sprinklers go off over thier heads.

3) Instead of email, hire some highschool kids with roller skates to carry messages back and forth from one person to the other.

2) Call a big meeting of everyone in the office where you kill, cook and eat the perpetrator right in front of them

 

and the number 1 way to prevent theft of computer data:

 

Hire better quality people!

:lol:

 

There are all sorts of security measures you can put in place, but when it boils right down to it, it's just like the lock on the front door. If someone wants in bad enough, it won't stop them. Hopefully, they'll be stupid enough to leave some tracks so you can find it and prosecute them. You'll need to be tactful when implementing this sort of stuff. If you create an atmosphere of suspicion and fear, you're good people will move on. Few people will want to work for someone that sees every employee as a potential thief, especially if they've been there a long time and never had any problems before. I'm not saying your company shouldn't take steps to protect itself, but I've seen it done right, and I've seen it done very poorly. If you make your long term, formerly trusted employees feel like they are no longer welcome, they will leave taking all that knowlege, intution and experience with them.

[Murph_map]

and the number 1 way to prevent theft of computer data:

 

Hire better quality people!

 

If you make your long term' date=' formerly trusted employees feel like they are no longer welcome, they will leave taking all that knowlege, intution and experience with them.[/quote']

 

 

Agree.......

[BlackBox]

[DANIEL]

violation of a signed intellectual property agreement is punishable by law, your company would have legal recoarse against those competitors and I'd be suprised if an investigation didnt turn up who was resposible for such a violation.

[Jack_O'neill]

violation of a signed intellectual property agreement is punishable by law, your company would have legal recoarse against those competitors and I'd be suprised if an investigation didnt turn up who was resposible for such a violation.

 

Yeah, but that's a lot harder to prove than you think. Believing or even knowing that it happened, and proving it in court are two very different things. If someone steals your car, you have proof you owned it in the first place, and when it turns up there may be evidence to prove who took it. If someone steals your idea, it's a lot harder hard to prove you had the idea first, and that it was indeed stolen. I worked for a company once that was embroiled in just such a battle when I came on board. After many thousands of dollars in legal fees, they finally gave up. There just aren't many ways to dust for fingerprints in the ether.

[DANIEL]

the only difference is the money corporations are willing to spend to either defend or prosecute, if I steal your car you won't find any of my fingerprints on it either ....... though I might be willing to frame a civil drafter for the right price, maybe even Dink or Renderman ......

[luckyson3]

Our director suspected some of our colleagues who have sold the confidential information to competitors but we lack proof. How can we prevent users from Printing, Taking files out of office and Capturing screen?

 

Thank you very much in advance for your suggestions.

 

I have heard that Curtain e-locker provides this type of protection. You can use it to restrict function "Printing, Taking files out of office and Capturing screen" with various settings on user workstations and file servers. Users will have to save files at the same folders (Protected Zones Only). The link below is for your reference.

http://coworkshop.com/curtain.html