M
Mark Ingram
Guest
Hi Vanguard,
Perhaps I didn't explain things properly. She has absolutely no
self-interest in having another agent's info pre-populate fields in her
browser. She has to type over those fields every time she accesses these
vendor websites.
All she wants is for her info to populate these fields.
Thanks for any insight,
Mark
"VanguardLH" wrote:
> Mark Ingram wrote:
>
> > "VanguardLH" wrote:
> >
> >> Mark Ingram wrote:
> >>
> >>> A user in a 20 user office has two frequently used websites that store
> >>> username/password combos (as well as other data) of other users in the
> >>> office. The users all have their own domain user accounts and their own
> >>> computers.
> >>>
> >>> What needs to happen to prevent other user's data from being
> >>> saved/pre-populating those fields?
> >>
> >> Why aren't these users logging under their own separate Windows account?
> >> Even if they go wandering around to use other hosts, roaming profiles still
> >> has them logging under their own domain account. Stop sharing accounts.
> >
> > Thanks for your reply. As I mentioned, "the users all have their own domain
> > accounts and their own computers".
>
> "A user in a 20 user office has two frequently used websites that store
> username/password combos (as well as other data) of other users in the
> office"
>
> From that description, you need to act against this user and eliminate their
> malware that is stealing login credentials. You have a hacking user
> violating the privacy of other users and the company by somehow acquiring
> their login credentials (perhaps using a keylogger) and uploading that data
> to an off-domain website (so they can do a lookup as they wander around to
> the various compromised hosts). As he wanders around breaking into these
> hosts, the login credentials he reenters in the login fields of the web
> browser are getting saved because the users of those host configured their
> web browser to save the login credentials (i.e., the user enabled their web
> browser's auto-complete function).
>
> You will need to cleanup the infected hosts. You will need to take action
> (termination, legal, or both) against this violative employee.
Perhaps I didn't explain things properly. She has absolutely no
self-interest in having another agent's info pre-populate fields in her
browser. She has to type over those fields every time she accesses these
vendor websites.
All she wants is for her info to populate these fields.
Thanks for any insight,
Mark
"VanguardLH" wrote:
> Mark Ingram wrote:
>
> > "VanguardLH" wrote:
> >
> >> Mark Ingram wrote:
> >>
> >>> A user in a 20 user office has two frequently used websites that store
> >>> username/password combos (as well as other data) of other users in the
> >>> office. The users all have their own domain user accounts and their own
> >>> computers.
> >>>
> >>> What needs to happen to prevent other user's data from being
> >>> saved/pre-populating those fields?
> >>
> >> Why aren't these users logging under their own separate Windows account?
> >> Even if they go wandering around to use other hosts, roaming profiles still
> >> has them logging under their own domain account. Stop sharing accounts.
> >
> > Thanks for your reply. As I mentioned, "the users all have their own domain
> > accounts and their own computers".
>
> "A user in a 20 user office has two frequently used websites that store
> username/password combos (as well as other data) of other users in the
> office"
>
> From that description, you need to act against this user and eliminate their
> malware that is stealing login credentials. You have a hacking user
> violating the privacy of other users and the company by somehow acquiring
> their login credentials (perhaps using a keylogger) and uploading that data
> to an off-domain website (so they can do a lookup as they wander around to
> the various compromised hosts). As he wanders around breaking into these
> hosts, the login credentials he reenters in the login fields of the web
> browser are getting saved because the users of those host configured their
> web browser to save the login credentials (i.e., the user enabled their web
> browser's auto-complete function).
>
> You will need to cleanup the infected hosts. You will need to take action
> (termination, legal, or both) against this violative employee.