Security Basics mailing list archives
Re: Rights
From: Dereck Martin <dmartin () mixxerinc com>
Date: Thu, 29 Jun 2006 16:52:00 -0400
I have saw somethign simalir to this, at another school. IT was a hardware device that was attatched to a pc slot and it basically locked the whole system, and any changes were made within a swap space. You could delete everyfile on the system and upon reboot it would magically reappear.
Also I at my company we uninstall IE and Outlook and use Firefox and Thunderbird in its place. I also use Symantec Anti Virus on the systems, and I have not had a piece of spyware/virus/adware in over 8 months on any of my client machines.
Dereck Martin
Desktop Support
Office: 317-472-9771
Cell: 812-374-2727
www.mixxer.com
_/
_/_/_/ _/_/ _/ _/ _/ _/ _/_/ _/ _/_/
_/ _/ _/ _/ _/_/ _/_/ _/_/_/_/ _/_/
_/ _/ _/ _/ _/ _/ _/ _/ _/ _/
_/ _/ _/ _/ _/ _/ _/ _/ _/_/_/ _/
Jeffery Adam wrote:
I work at a 2 year college with roughly 600 computers. In almost all of our student labs we rename the local machine administrator account and use it as the standard student logon, giving the student and the instructor apparent full control of the system. We have instead protected the system with a third party application called deepfreeze http://www.faronics.com/html/deepfreeze.asp . This has drastically reduced the workload on the IT Department and is more conductive for learning than restricting the machine to the point where it is barley functional. The user can perform any action from creating machine accounts to changing desktop backgrounds. A simple reboot removes any changes the student made to the system. Each system has a "thaw space" that is sized appropriately for the lab so the instructor has a place to store project files. Some labs have a mapped network share that the instructor has access to modify for placing assignment files in. the standard student logon has read only access to the network share. Another application we previously used is fortress 101 http://www.fortresgrand.com/products/f101/f101.htm this worked well in computer labs and showed potential for use in staff offices, since adopting deepfreeze we have discontinued use of fortress 101 I still like the product. -----Original Message-----From: I Freecycle [mailto:i.freecycle.too () gmail com] Sent: Wednesday, June 28, 2006 12:02 PMTo: security-basics () securityfocus com Subject: Rights Hello, I'm wondering how others deal with allowing users rights on work computers. At our school, users aren't normally given Administrator or Power User rights unless it's absolutely necessary. Occasionally we encounter employees and students that don't understand how easily a system can be messed up and the security issues involved nor why we feel it's necessary to operate like this. I would like to know what others do, and what policies they have in place to address these issues. Thanks, ------------------------------------------------------------------------ --- This list is sponsored by: Norwich University EARN A MASTER OF SCIENCE IN INFORMATION ASSURANCE - ONLINE The NSA has designated Norwich University a center of AcademicExcellence in Information Security. Our program offers unparalleled Infosec management education and the case study affords you unmatched consulting experience. Using interactive e-Learning technology, you can earn this esteemed degree, without disrupting your career or home life.http://www.msia.norwich.edu/secfocus ------------------------------------------------------------------------ --- --------------------------------------------------------------------------- This list is sponsored by: Norwich University EARN A MASTER OF SCIENCE IN INFORMATION ASSURANCE - ONLINEThe NSA has designated Norwich University a center of Academic Excellence in Information Security. Our program offers unparalleled Infosec management education and the case study affords you unmatched consulting experience. Using interactive e-Learning technology, you can earn this esteemed degree, without disrupting your career or home life.http://www.msia.norwich.edu/secfocus ---------------------------------------------------------------------------
--------------------------------------------------------------------------- This list is sponsored by: Norwich University EARN A MASTER OF SCIENCE IN INFORMATION ASSURANCE - ONLINEThe NSA has designated Norwich University a center of Academic Excellence in Information Security. Our program offers unparalleled Infosec management education and the case study affords you unmatched consulting experience. Using interactive e-Learning technology, you can earn this esteemed degree, without disrupting your career or home life.
http://www.msia.norwich.edu/secfocus ---------------------------------------------------------------------------
Current thread:
- Rights I Freecycle (Jun 28)
- Re: Rights Saqib Ali (Jun 29)
- Re: Rights Dereck Martin (Jun 29)
- Re: Rights Philippe De Ryck (Jun 29)
- RE: Rights Jamie Wareham (Jun 29)
- RES: Rights Ricardo Perin (Jun 29)
- RE: Rights Lane, Jim (Jun 30)
- <Possible follow-ups>
- RE: Rights Jeffery Adam (Jun 29)
- RE: Rights David Smith (Jun 29)
- Re: Rights Dereck Martin (Jun 30)
- RE: Rights Jeffery Adam (Jun 30)