Re: Lab Computers, Research & Administrative Rights

[Dan Wasson <dan () NMC EDU>]

Another plug for Deep Freeze.  We have been using it for about 15 years and
have it installed on about 600 computers used primarily by students.  It is
a fantastic tool that has saved countless hours of time.

Dan



*Dan Wasson*
*Director Systems & LAN Management*
*Northwestern Michigan College*
*231-995-1164*
*dwasson () nmc edu <dwasson () nmc edu>*

*Don't be a scam victim - NMC and other reputable organizations will never
use email to request that you reply with your password, social security
number or confidential personal information.*

On Wed, Jun 6, 2018 at 10:58 AM, Barton, Robert W. <bartonrt () lewisu edu>
wrote:

> We...
> - Segment off the machines whenever possible.
> - Deep Freeze is used on the PCs.
> - MakeMeAdmin (https://makemeadmin.com/) -  We have not started to use it
> here, but we have been talking about it in certain circumstances, being
> needed.
> - Any access to the 'research' machines require a special AUP be signed.
> - Access to those machines is limited in AD; we've limited what machines
> specific AD users can log into.
>
> Robert W. Barton
> Director of Information Security
> Lewis University
> One University Parkway
> Romeoville, IL  60446-2200
> 815-836-5663
>
> -----Original Message-----
> From: The EDUCAUSE Security Constituent Group Listserv <
> SECURITY () LISTSERV EDUCAUSE EDU> On Behalf Of Hahues, Sven
> Sent: Wednesday, June 6, 2018 9:08 AM
> To: SECURITY () LISTSERV EDUCAUSE EDU
> Subject: [SECURITY] Lab Computers, Research & Administrative Rights
>
> Hi everyone,
>
> I wanted to find out if some of you could share what some of the
> approaches you have taken when handling shared computers, such as devices
> used in labs that are hooked up to research equipment where faculty/staff
> and students may need to have administrative rights.
>
> We have been in the process of removing administrative rights, and if the
> computer is loaded by central IT, students do not have administrative
> rights.  We have been getting an increasing number of requests to allow for
> this to happen and are hesitant to do so.
>
> Could you guys share some of your approaches?
>
> Thanks,
>
> Sven
>
> Sven Hahues
> Florida Gulf Coast University
> Director, ITS Helpdesk, Network Services & Security
> Tel: (239) 590 1337
> E-Mail: shahues () fgcu edu
>
> This message (including any attachments) is intended only for
> the use of the individual or entity to which it is addressed and
> may contain information that is non-public, proprietary,
> privileged, confidential, and exempt from disclosure under
> applicable law or may constitute as attorney work product.
> If you are not the intended recipient, you are hereby notified
> that any use, dissemination, distribution, or copying of this
> communication is strictly prohibited. If you have received this
> communication in error, notify us immediately by telephone at
> (815)-836-5950 and
> (i) destroy this message if a facsimile or (ii) delete this message
> immediately if this is an electronic communication.
>
> Thank you.