Security issue in the work network (against hacker employers)

Page 1 of 2 12 LastLast

  1. Posts : 7
    Windows 7 Ultimate x86
       #1

    Security issue in the work network (against hacker employers)


    I work in the accounting department of a big hotel complex and I have a very complex VBA script in EXCEL which saves a tremendous amount of time (especially at the end of each month that we 'close' the books). That script I have been developing it through the last years using knowledge from past jobs too. The reason I did this was to make my life easier and it is a project entirely mine having nothing to do with my job obligations.

    The thing is that my employers are really pressing me to give them the script. They even passed on the wild side, threatening me indirectly that they will fire me.
    Of course what they really want is (as I found out from inside sources) to take the script, sack me and hire someone 5 years younger with half the salary to just run the almost fully automated script to do the job!!

    So:
    1)The network is running DameWare
    2)We cannot run any .exe on the pc and probably other executables
    3)I am always running the script from a usb stick of mine

    What I would like is some help from you guys to tell me how can I protect the script from possible hacking, and to be more exact:
    1)How to encrypt/lock the files on the usb in case of physical theft?
    2)How to prevent the hacking\copying of the script (through the network) at the time I am actually using it?
    3)After using the script is there any chance that it stays on the disc in the form of cache or temporary files or anything like that.If it does how can I wipe the 'footprints'?

    If you read this line you must have a lot of patience.
    I would appreciate any answer from you guys as the annual closing of the books is in 2 weeks and the pressure is really on! (they hire staff through 1year contracts if you know what I mean)
      My Computer


  2. Posts : 1,800
    Windows 7 Pro x64 SP1
       #2

    LSDAlka, welcome to the windows 7 forums.
    I recommend you search for a password protected folder program. That way you can put your script in a folder on your USB stick and then before you can open the folder to execute your script, they would need your password.

    Other than that, why don't you password protect your VBA Excel script?

    Rich
      My Computer


  3. Posts : 150
    Windows 7 Ultimate x64, BackTrack Linux 5 R2, Windows XP
       #3

    Interesting situation you have yourself in there. As far as the security of your script, I would suggest that you purchase an AES-256 bit encrypted thumb drive. Do a google search for "encrypted thumb drives" or the like and you'll find a plethora of options. Go for the ones offering hardware-based encryption.

    Since you mentioned you can run the script off of the thumb drive, continue to do so. Although I'm sure it won't take long for the IT department to catch on--it's surprising that they allow USB removable devices, let alone the ability to run VB scripts. Never leave your thumb drive unattended, and plug it in and use it only when you intend to run the script. Unplug when done. That's probably the best thing you can do.

    2)How to prevent the hacking\copying of the script (through the network) at the time I am actually using it?
    If you run the script, you don't have any visible code popping up on screen, correct? I don't think you'll have to worry about this. I'd have to know a little more about how the script works to provide an effective answer.

    3)After using the script is there any chance that it stays on the disc in the form of cache or temporary files or anything like that.If it does how can I wipe the 'footprints'?
    As far as I know, VBscripts are not cached on the local machine unless they are login scripts from a domain controller. I don't think you'll have to worry with this one either. Good luck!
      My Computer


  4. Posts : 7
    Windows 7 Ultimate x86
    Thread Starter
       #4

    Thank you both!I really appreciate the response.
    doubled822 you really made me feel a little bit more reassured. I think I am going to sleep better tonight:)
    richnrockville I think it will be a piece of cake for someone who has the 'know how' to hack the password of excel vba script.
    But since I don't think that I'll go to the 'buy hardware protection' with only one month and something on my contract I would like a clarification about the 'password protected folder program' cause I don't really get it (Note:no .exe can run on the pc, though I haven't tried it from the USB -not even from the HD-they just told us that on the first days)

    Thank you for the welcome!I at last decided to register after the 1001st time I visited sevenforums!!!
      My Computer


  5. Posts : 150
    Windows 7 Ultimate x64, BackTrack Linux 5 R2, Windows XP
       #5

    LSDalKa said:
    Thank you both!I really appreciate the response.
    doubled822 you really made me feel a little bit more reassured. I think I am going to sleep better tonight:)
    richnrockville I think it will be a piece of cake for someone who has the 'know how' to hack the password of excel vba script.
    But since I don't think that I'll go to the 'buy hardware protection' with only one month and something on my contract I would like a clarification about the 'password protected folder program' cause I don't really get it (Note:no .exe can run on the pc, though I haven't tried it from the USB -not even from the HD-they just told us that on the first days)

    Thank you for the welcome!I at last decided to register after the 1001st time I visited sevenforums!!!

    I just thought of something--a lot of those encrypted thumb drives require an executable to be run to "unlock" the hidden/encrypted partition of the thumb drive. You may want to do some extra research on some of them to be sure.
      My Computer


  6. Posts : 7
    Windows 7 Ultimate x86
    Thread Starter
       #6

    I am sure your idea will provide the best drive protection but it admittedly hurts my 'ego' to go in that direction with so litlle time on my contract.If I renew my contract this is probably the first thing I'm gonna do!
    You know this is the first time in the 7 years I have in the profession that I meet so profoundly greedy managers!!!
    And it is the general economic CRISIS i guess

    What about BitLocker as a free alternative?I have never tried it(I even removed it from the context menu
      My Computer


  7. Posts : 2,464
    Windows 7 Ultimate x64
       #7

    To begin with, I would encrypt the pendrive to prevent anyone from using it. I'm using a free program called Truecrypt to do that job, it's portable and works great. Carry it in the drive, run from there and put the Excel inside the encrypted archive (remember to set a VERY good password). The Excel itself may have another, different, password. Also have CCleaner portable handy on the pendrive. It comes with an option to wipe out files securely by overwriting them (in expert hands, recover deleted files from a HDD is really easy).

    If network may be a problem, you must use a good firewall. Block EVERYTHING you don't need, and only allow specific executables though specific ports, nothing more. If you're paranoid, they may try to break into your computer by the various security holes the default Windows install has, or may have installed some spyware to send info back. A firewall prevents both of those. But if they can get admin permissions when you're away, they can disable all that.

    Another solution may be running the script exclusively at home, using your work computer just to start a remote session on your home PC, which contains and run the script and sends back the results. Again, if you're really paranoid, use a SSH server on your home with a private/public key authentication to avoid network sniffers and keyloggers.

    And ultimately, take some legal protection. Go and register the script as your work. Then, if they get it somehow, you have the legal right to demand them for copyright violation. Optionally, you can make the script "phone home" each time it's used to get some evidence.

    I'm too becoming too paranoid with security
    Hope that helps.
      My Computer


  8. Posts : 7
    Windows 7 Ultimate x86
    Thread Starter
       #8

    thanks alejandro for the Truecrypt solution.It seems appropriate.
    In general I think you didn't get that it is the administrator of the network at work that I am afraid of, not anyone outside. Moreover we don't have internet access and we can't tweak the firewall etc, not run wipers(at least from an exe-maybe from bat I don't know).
    Anyway I think I am going to try to bring my laptop at work, do the job and copy the data afterwards
    However I don't know how they will react, as I have not taken my laptop at work not even once

    Last Question: How strong is BitLocker protection in case of physical theft of the usb stick??
      My Computer


  9. Posts : 150
    Windows 7 Ultimate x64, BackTrack Linux 5 R2, Windows XP
       #9

    I second TrueCrypt as a free solution. We use that at work and it is great!

    Last Question: How strong is BitLocker protection in case of physical theft of the usb stick??
    BitLocker offers 128- and 256-bit AES encryption. TrueCrypt gives you a bit more options, but that would definitely be sufficient. However, to use BitLocker, you'll need a computer running Windows 7 Ultimate or Enterprise to perform the initial encryption.
      My Computer


  10. Posts : 7
    Windows 7 Ultimate x86
    Thread Starter
       #10

    Thanks:)
      My Computer


 
Page 1 of 2 12 LastLast

  Related Discussions
Our Sites
Site Links
About Us
Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.

© Designer Media Ltd
All times are GMT -5. The time now is 00:57.
Find Us