Hacker News new | ask | show | jobs
by mx2323 3731 days ago
what do you think about recording every SSH session?

You bring up remote desktop environments... its actually a good point... similar to what VM's on AWS are.

If the access point (SSH) is locked down and recorded, doesn't that pretty much remove any possibility of employees leaking stuff?

knowing that they are being recorded is a pretty big deterrent to leaking data right?
1 comments
maxaf 3731 days ago
I've personally come to assume that everything I do on an electronic device is being recorded all the time, so the mere presence of surveillance isn't in itself a deterrent. Most reasonable people will IMHO realize that no one's going to read through the interminable logs of SSH sessions, 99.999% of which will likely turn out to be most mundane and boring. Apart from that, storing and securing these logs will in itself become a liability. Imagine all the sensitive information that might get caught in those logs, only to be leaked itself in a titanic stroke of irony!

Relying on surveillance is folly; simply lock down access and remove privileges that aren't necessary. This is something you do once and never have to think about again, unless some event warrants a review. Thankfully such reviews can be triggered by normal business activity: new project, new employee, new team, new vendor product, etc.

link
mx2323 3730 days ago
yeah. what if one of those privileged accounts gets compromised or an admin goes rogue...

i think theres still a use for surveillance. just my opinion.

then again. im paranoid. i want the fort knox of data.

link