search

FOGProject / fog-client

A cross platform computer management client
GNU General Public License v3.0
108 stars 34 forks source link

Does FOG Client also take dump of external devices when creating an image? #131

Closed Eddcapone closed 3 years ago

Eddcapone commented 3 years ago

I received a new laptop from my company with FOG Client installed. I read that there is an image creation feature, which allows the admin to create a complete image of my computer and store it on the server.

This is not good from dataprotection perspective since I also store some private data on my computer, like OneDrive Cloud data. The admin could just "steal" my data this way.

How can I prevent this? Is it enough to store my private data on an external device or will the image dump also dump the external drive?

Sebastian-Roth commented 3 years ago

@Eddcapone Interesting question. The "image creation feature" (we call it image capture) is not something the fog-client software can do while the computer is booted into Windows! FOG image capturing can only happen when the device reboots into a PXE environment (boot from the network - needs specific settings within the local network) and you would definitely see that happening (black/white/blue terminal console instead of Windows GUI). The fog-client itself is only telling Windows to do a reboot so it can PXE boot (if that's enabled by default - usually not on laptops) and do the image capture. The image capture can be setup to also dump data from an external drive but it's kind of unlikely the FOG admin is doing this. All those things mentioned make it very unlikely for someone to be able to "steal" your data through image capture!

There is another fog-client software feature that you might be more concerned about in your situation. If the laptop is connected to the company network and communicating with the FOG server a so called snapin could be run on your laptop. A snapin can be a batch or powershell script doing various things, even copy data from A to B. Again I would think it's kind of unlikely for this to happen because someone would really have to want to steal particularly your data. It's not something that just happens - usually snapins are used to install software in the background but as I said, could copy files as well.

If you don't trust the company's IT I am wondering why you would save private data on that laptop at all. And on the other hand, do you really trust OneDrive with your private data?!