two laptops, two hard drives or remote access
 

I’m still new here and you guys have been great. This has been covered some but I was hoping on more opinions
I’ll be traveling with company supplied laptop. The company is pretty strict about personal use and rightly so as the laptop will contain fed regulated information.
But traveling so much I would like to be able to access personal email and financial web sites as well as play a bit of poker online. And I must admit curiosity when watching a movie and wondering what that actress looks like naked (you can find anything on the web :) So the company wants privacy as much as I do.

The question then becomes
1) Two laptops (and the extra weight)
2) Second bootable external hard drive
3) Remote access
I was just curious is anyone know the level of privacy I’ll receive using the second two options.
That is once the second drive is removed or the remote shut down will any actions be traceable on the laptop.
Also the company obviously doesn’t like installing addition software. Do either of the last two options require software installation?

Thanks

Is there such a thing as a "bootable" external drive for a laptop? If there is, then I think the chance of anything being traceable on the internal hard drive would be minimal.

Another option might be to get another internal hard drive for the laptop and then swap them as required (i.e. have one for work and one for play). This would depend on the laptop, but some of them make swapping the hard drive easy (and some make it hard).

Glenn

If this is Windows XP (or actually, any version of Windows) and you have a machine at home you can leave on, look into something called "Remote Desktop". It's built into XP:

Start --> Accessories --> Communications --> Remote Desktop Connection

RD is awesome. It will allow both the printers and the disk drives of the remote machine to be used on the local machine, or vice versa. It's just like sitting in front of the remote machine. It's a considerably better experience than X11 or pc-anyware remoting solutions.

You could then access the remote machine's web browser, and most "traceable" actions would not be caught.

If your company is really paranoid, they've installed a keystroke logger and you're out of luck. I suppose there's other mechanisms they could also use to capture your actions. But I'd consider what I describe above to be fairly safe.

-KF

most new laptops will allow you to boot from an external USB hard drive. I'm not sure how secure it would be and if it would write anything to your primary hard drive.

A remote desktop connection would work but it might be slow depending on your connection

Remote is probably too slow for what you want to do. It's limited by the speed of the connection.

Bootable external HD's would keep your activities from showing up on the primary but it would *NOT* protect against viral infection of the primary. Note that it also requires access to the BIOS to change the boot order, if the machines are locked down this might not be possible.

Obviously, two laptops do it but are heavy.

There's a fourth option that would be what I would favor assuming your IT department will approve: Run VMware on your laptop and do everything personal from inside it. Assuming the VMware session isn't configured to see the main HD it's almost impossible for anything that goes wrong in it to affect the main system. Unfortunately VMware session files are *BIG*, you very well might end up having to use an external HD to store the session.

Note that in addition to VMware itself you'll need an XP disk--VMware creates an *EMPTY* machine inside your machine, it's up to you to install whatever OS you want in it. (And it can support just about any OS also!) I haven't used it much but the only important limit I found with it is that it doesn't handle dos boxes too well and a dos box that runs graphics, forget it, the performance is basically intolerable.

It's amazing what good forensic work can show... a cautionary tale
 

Last spring my company had a salesperson leave, and we had reason to suspect he took proprietary information about clients. As part of the investigation, I brought in a forensic IT person from our (then) parent, who determined after analyzing the salesperson's PC, that he had attached an external hard drive, and downloaded about 4 GB of data.

The forensic person was able to tell me the manufacturer of the hard drive, its "serial number", and the dates/times downloading occurred. Our attorney confronted the new employer of the salesperson with the information. About a week later the employer responded that upon discussion with the salesperson, the ex-employee admitted to the activity.

We are currently in litigation, by the way, regarding "damages".

That is quite scary to hear. Any idea how your forensics contact was able to figure out so much information about an external hard drive? I never knew the date/times of file transfers were logged!

You have answered your own question. Don't do it if they won't approve of it and ask first. If anything goes wrong, even if your mouse dies or something and they see you broke their rules, it may not be pretty.

If they say no, then leave it at that.

Our machines are locked down, I don't let people put a external drive on them.

I don't know of any way this information could be logged without some kind of thirdparty application running on your machines. I'd certainly be interested in hearing what kind of logging Windows does on this information...

I'm not the person in question but it very well could be that the files in question first went to the main HD and then to the external.

Also, if they were downloaded by browser there would be the browser's history.

Identifying the HD itself is no surprise--Windows is going to record that serial # in the device table so it will recognize the drive if you see it again--remove it, plug it back in and you'll find it comes up with the same letter it had before.

How about...
4) A PDA with wireless capability?

Some of the new PDAs (Dell Axim x51v, among others) offer wireless, VGA screens and Windows Mobile 2005. For the limited email and web browsing needs you have, carrying one of these would be far lighter than carrying a separate notebook computer - and it would be completely off your company's system, so no chance at all of being snooped on or compromising your company's security.

an example of what employers could have on your system is Specter Pro. www.spectersoft.com
It's pretty scary--not only does it record keystrokes, it can also take random screen shots, monitor your application, and automatically notify your IT or compliance person via email when you type specific key combinations.
I think option 4--wireless PDA--would be the best call.

A new solution, looks very good!
 

http://www.vmware.com/vmtn/vm/browserapp.html

Obviously you still need permission from your IT guys to install this but it looks *VERY* safe.

It's basically the VMware solution I suggested before but without most of the hassles.

1) This is entirely free other than 300 mb of downloads.

2) The browser comes already set up, you don't need to install the OS in the virtual machine.

3) The browser is Unix-based, making it far harder for any malware to attack. Even if it could somehow violate the security of the virtual machine (something that by itself is very hard to do unless you have opened connections between them--I have never heard of this wall being breached) it would still have to be set up to attack both Unix and Windows.

I would not ever ever ever violate the company's IT policy. This is something that you could get hammered with. Hard evidence, hard consequences.