We utilize the SVW for our protect segregated network that contains PCI and PII and we found an interesting flaw in the SVW that i was wondering if anyone know how to solve. Basically users can access their my documents folder prior to connecting with the SVW and potentially move a malicious script or some application to grab any confidential data. Once connected to the SVW they can then access the "My documents" folder inside the SVW and possibly use that script to get what they want. I talked to support and they stated that the only thing we can do is deny and approve actual applications from being ran in the SVW but no a windows directory from being accessed. Being in the insurance felid we have to think of worst case scenario at all times and this seems like a huge hole in the design of the SVW feature. Any idea on how to prevent this?
support is correct: there is no way for SVW to prevent access to my documents as it is under the user profile and therefore allowed. you will need an enhancement request for this as an option.
in the meantime, you could do the following (if possible): disable my documents on your systems; move my documents to a network drive/new location and enable the restricted folder option in the SVW config
If you already have a JTAC ticket opened on this and if the support has confirmed your statement - I would suggest you to please talk with your sales and may be raise a ER (Enhancement Request) for your requirement.
I dont see any way to stop the users from access the "My documents" within SVW.
Please mark this post as 'accepted solution' if this answers your question that way it might help others as well, a kudo would be a bonus thanks