Security Basics mailing list archives
RE: Physical Computer Location
From: "Zachary Mutrux" <zmutrux () compumentor org>
Date: Thu, 28 Aug 2003 09:21:35 -0700
You can deal with it in a couple of ways. 1) Roll your eyes, alter the inventory to reflect the new computer's location. 2) Examine your equipment replacement policy to replace computers not based on age, but on who would benefit the company the most by having a new computer, based on improved productivity from a faster machine, for example. Maybe the doctor needs a new machine more than the secretary. 3) Disallow users other than the assigned user to log on to the computer. Or, just disallow the doctor from logging on to his secretary's machine. In dark and forbidding tones, forbid the secretary from revealing her password to the doctor. It doesn't do the doctor much good to move the computer if he can't log on. You can accomplish this in the local security policy on the computer if it is running Windows 2000 or XP. You might even be able to do it for whole groups of computers using Group Policy in Windows 2000 domains. If anyone complains about this, tell them you are applying the policy because of HIPAA regulations. Since you have more computers than users, obviously some users may need to log on to more than one machine. So proceed cautiously with this policy. 4) Talk to your supervisor about the problem and see if he can talk to the doctor's supervisor about the problem. This probably will be ineffectual. That's all I can think of right now. Yours, Zac -- Zac Mutrux Technology Consultant CompuMentor 415-633-9437 On Mon, 25 Aug 2003, Thomas Graf wrote:
Hello everyone! I am a newbie trying to make some in-roads in the network security department. I work at a hospital with approximately 1000 users but about 3000 computers. We are currently rolling out new computers and are having problems after they are installed. For example, we replace the secretary's computer but the doctor is fussing because he is not getting a new one. So, he being the powerful doctor will swap the new one with his old one. We then have the wrong location listed on the information database for that computer. We try to correct the situation as much as we can but this being a huge hospital, it gets very hard. So, what can we do to keep track of any physical movements of the computer over the network? Any suggestions are acceptable. We just can't lock down the computers because of all the movements in departments because of construction. Thomas Graf IS Hardware/Software Tech (254)724-0155
--------------------------------------------------------------------------- Attend Black Hat Briefings & Training Federal, September 29-30 (Training), October 1-2 (Briefings) in Tysons Corner, VA; the world's premier technical IT security event. Modeled after the famous Black Hat event in Las Vegas! 6 tracks, 12 training sessions, top speakers and sponsors. Symantec is the Diamond sponsor. Early-bird registration ends September 6.Visit us: www.blackhat.com ----------------------------------------------------------------------------
Current thread:
- Physical Computer Location Thomas Graf (Aug 25)
- Re: Physical Computer Location John R. Morris (Aug 26)
- RE: Physical Computer Location Jason Chung-Tung (Aug 26)
- RE: Physical Computer Location Zachary Mutrux (Aug 28)
- RE: Physical Computer Location Kevin Ashurst (Aug 26)
- Re: Physical Computer Location Pete Hunt (Aug 26)
- Re: Physical Computer Location Charley Hamilton (Aug 26)
- <Possible follow-ups>
- RE: Physical Computer Location Tim Donahue (Aug 26)
- RE: Physical Computer Location Christopher Black (Aug 28)
- RE: Physical Computer Location David Sommers (Aug 28)
- Re: Physical Computer Location John R. Morris (Aug 26)