New here? Create a new account!

Notice: Undefined index: category in /var/www/html/qa-include/qa-base.php(720) : eval()'d code on line 39

Computer stolen--How to secure data and disable S/R?

0 votes

Working in a sensitive situation, a team member’s Windows computer has been stolen. It is very possible someone is trying to access the team’s PT data and user information.

What needs to be done now to secure the PT data and PT user information?

For instance, with physical access to the machine I would assume the attacker will be able to get past the Windows user log in and have full access to PT as the registered user. I would not want S/R to go to that machine anymore.

Do we simply register a new user and change the project settings to take the original user account away? What else?

Paratext by (166 points)

1 Answer

0 votes
Best answer

Your idea is the best I can think of for Paratext 7.

Once everyone gets the updated user permissions, they will stop receiving
changes from the old user and if the person with the computer does a send
receive, they will be removed from the project.

John+Wickberg
Paratext Support

by [Administrator]
(3.1k points)
reshown

I have a question on the order of things here. Let’s say:

· The Admin removes the potentially malicious user from the project and does an Internet S/R.

· The malicious user makes malicious changes (before doing an Internet S/R to receive the updated Users, Roles, and Permissions), and then they do an Internet S/R.

Are the changes from the malicious user uploaded before the changes to Users, Roles, and Permissions are received and processed? Or, does Paratext see that the malicious user was removed from the project and therefore does not allow the malicious user to upload changes?

Thanks,

SIL+LSS+PNG

image

by (411 points)
reshown

I would assume that when the Project administrator does a
(subsequent) Send/Recv, he/she will be notified of any changes that
any of the users have made. So if changes appear from the
rogue/malicious user, it would be easy enough to say "Undo changes"
in that dialog box to remove any changes that they have made. (and
after their final s/r there shouldn’t ever be anything else coming
through from them).

Mark
by (2.6k points)
reshown

Paratext 7 and 8 always contact the server before doing a S/R to check the permissions set by the administrator so if the admin removes them from the project, that user should not be able to do a S/R and their changes will not be seen by other users.
However, security in Paratext 7 is not quite as tight as in 8, so I wouldn’t say there is no possible way that someone couldn’t contaminate the project if they tried hard enough. I would still pay attention to changes coming in and make sure no changes are done by that user.

by [Expert]
(16.2k points)
reshown

I can’t tell in the email history if this was mentioned but you can also
tick “Administrator must receive changes before they are received by
others” to keep control of things for a little while. But remove it as soon
as you can because it clogs things up a lot normally.

Blessings,

Shegnada J.

Language Technology and Publishing Coordinator, Nigeria

Text Processing Specialist GPS Dallas

Skype: Shegnada.SIL+LSS+PNG.

+[Phone Removed]

by (1.3k points)
reshown

Related questions

0 votes
3 answers
Paratext Lite on a phone to help teams S/R
Paratext Mar 15, 2019 asked by [Moderator]
dhigby (1.3k points)
0 votes
1 answer
S/R Verse Bridging Error?
Paratext Feb 18, 2023 asked by anon554738 (140 points)
0 votes
1 answer
Bible module not updated after S/R
Paratext Feb 2, 2023 asked by sonya_paoli (120 points)
0 votes
3 answers
New install cannot S/R Internet until after S/R USB key
Paratext Jul 31, 2022 asked by jeffh (1.3k points)
Welcome to Support Bible, where you can ask questions and receive answers from other members of the community.
Accept the one whose faith is weak, without quarreling over disputable matters.
Romans 14:1

Categories

2,616 questions
5,350 answers
5,037 comments
1,419 users