[Winterof1978]

I am an investment banker and am going on vacation soon. A lot of my client files are on an encrypted USB flash drive that I use at home. When I am on vacation I plan to take the drive with me I may have to access those files on an outside computer. If I view any files from the external drive without amending, saving, coping, or importing,,,,just viewing. Will any of the data remain on the computer after I remove the drive? Ghost images or anything that could be recovered?

[Advertisements]

If you use a program like Word or a browser tuned in a specific way a $tmp copy might remain somewhere in the system. Might not.

If you don't restart the computer after viewing the files, they do remain in the RAM and can be digged out of it.

 

In theory, someone could find access to the copies Word or Internet browser creates while you view the files.

[Lemurian]

If you use a program like Word or a browser tuned in a specific way a $tmp copy might remain somewhere in the system. Might not.

If you don't restart the computer after viewing the files, they do remain in the RAM and can be digged out of it.

 

In theory, someone could find access to the copies Word or Internet browser creates while you view the files.

[paws]

Using  a computer whilst on vacation ( especially if it is not your own computer and kept secure) involves risk.

 

When carrying out your risk assessment its important to consider not only the likelihood of your client's data being compromised, but also the consequences both for them and for you...should this happen.

 

Presumably as an investment banker with client data files probably containing sensitive information, you are subject to some regulatory control in the jurisdiction in which you operate?

 

The Compliance Officer's department of the Investment Bank or regulator may be able to provide further guidance.

 

Unless you are certain that your client's data can be accessed on another computer without risk of it being compromised,  then it would not be wise.to attempt it. Almost by definition another computer will be used by other folks....and even in what may appear to  be a controlled and highly secure environment it is not unknown for trojans or key logging or data capture code to be present....

 

Your own laptop or small form factor device that you know is as secure as possible may be a more suitable manner to access the data...

Regards

paws

[Winterof1978]

Using  a computer whilst on vacation ( especially if it is not your own computer and kept secure) involves risk.
 
When carrying out your risk assessment its important to consider not only the likelihood of your client's data being compromised, but also the consequences both for them and for you...should this happen.
 
Presumably as an investment banker with client data files probably containing sensitive information, you are subject to some regulatory control in the jurisdiction in which you operate?
 
The Compliance Officer's department of the Investment Bank or regulator may be able to provide further guidance.
 
Unless you are certain that your client's data can be accessed on another computer without risk of it being compromised,  then it would not be wise.to attempt it. Almost by definition another computer will be used by other folks....and even in what may appear to  be a controlled and highly secure environment it is not unknown for trojans or key logging or data capture code to be present....
 
Your own laptop or small form factor device that you know is as secure as possible may be a more suitable manner to access the data...
Regards
paws

The USB drive is encrypted using trucrypt software so I feel the client files on the drive are safe should the device be lost. To help eliminate risk further I suppose I can bring my own laptop but that brings up a concerning issue. What is the point of going to all the trouble of encrypting data on an external drive if only to have the data vulnerable for recovery on any device I use to view the documents?

[paws]

Let's suppose someone (or something) has installed a key logger on the computer (not your own, but the one you use to view your encrypted files)

 

To view the files you apply your password to view the encrypted files.... and the keylogger does its stuff.... if the computer is connected to the net then the malicious code can forward the details to its control centre.... if its not connected then it can send the data the next time it is....

 

Some Remote Access Trojans can execute malicious code, steal passwords and log in credentials and "back doors" can give an attacker almost complete control over the computer and what its used for...

 

Don't let this worry you unduly, but do bear it in mind when carrying out your risk assessment, and review of the security and protections in force on the computer youi are likely to be using for viewing the clinet data.

 

As long as you feel confident that you have taken all reasonable and appropriate steps to protect client data and  can defend  the procedures you have adopted  then you should be OK...

 

However it might be wise to consider how you would respond to questioning by the Regulatory Authorities in your jurisdiction to questions such as..

 

"  having carried out a full risk assessment and dilligent review of all pertinent security issues, you must have had powerful and compelling reasons for using a computer with unknown protections and not normally in your custody or control to access client data of a sensitive nature during your vacation....Please tell  us what they were"

 

If you feel that you have a good and sufficient response then you could go ahead

 

Hope this helps

Regards

paws

[paws]

It might be wise, also to have a good look here:
http://www.geekstogo...pt-end-of-life/

as there is some interesting information about truecrypt....

It is probably time to complete a full risk assessment of your current position and especially of your client's data.
Regards
paws
Regards
paws

[Facedown98]

Hello Winterof1978, and welcome to Geeks to Go!

 

It sounds like the data is fairly secure should the USB drive be lost, stolen, or otherwise misplaced. The files themselves are theoretically secure. If you enter your password to access the drive and open a file, then it's possible that the application(s) used to open the file will store cache on the local disk --- not the encrypted disk. This can result in a security breach should someone attempt to recover data on that computer. Further, the information is stored in RAM, which could also be recovered with the right know-how and tools.

 

A breach is unlikely but certainly possible given the scenario. If you have the resources, I would use my own equipment or equipment owned by the company. If you are not issued your own laptop for daily use then I would recommend contacting the technology or training division with your company to obtain a "loaner laptop."

 

I completely agree with the advice provided by paws and wish you well on your well deserved vacation!