RE: Rights

["Jeffery Adam" <jadam () seark edu>]

Yes the user can install applications and use the application if the
installation does not require a reboot. When the system is rebooted the
application is completely gone, the same as if the system had been
re-imaged If it is necessary for an application to be installed
permanently someone from IT can temporary disable deepfreeze with a
password to install the application. As I understand the explanation of
how this product works Deepfreeze loads as a kernel module long before
there is a desktop. the actual installed operating system and
applications are never touched while the system is running frozen
instead deepfreeze creates a virtual copy of the file in free space and
alters that copy. After a reboot the virtual disk containing the changes
is disregarded restoring the computer to a state before the user ever
had access to the system.


-----Original Message-----
From: David Smith [mailto:nich95ds () gmail com] 
Sent: Thursday, June 29, 2006 2:55 PM
To: security-basics () securityfocus com
Subject: RE: Rights

When you say "any action", does that include installing applications? If
so,
will the application be completely uninstalled upon reboot?

-----Original Message-----
From: Jeffery Adam [mailto:jadam () seark edu] 
Sent: Thursday, June 29, 2006 8:12 AM
To: security-basics () securityfocus com
Subject: RE: Rights

I work at a 2 year college with roughly 600 computers. In almost all of
our student labs we rename the local machine administrator account and
use it as the standard student logon, giving the student and the
instructor apparent full control of the system. We have instead
protected the system with a third party application called deepfreeze
http://www.faronics.com/html/deepfreeze.asp . This has drastically
reduced the workload on the IT Department and is more conductive for
learning than restricting the machine to the point where it is barley
functional. The user can perform any action from creating machine
accounts to changing desktop backgrounds. A simple reboot removes any
changes the student made to the system. Each system has a "thaw space"
that is sized appropriately for the lab so the instructor has a place to
store project files. Some labs have a mapped network share that the
instructor has access to modify for placing assignment files in. the
standard student logon has read only access to the network share.
Another application we previously used is fortress 101
http://www.fortresgrand.com/products/f101/f101.htm this worked well in
computer labs and showed potential for use in staff offices, since
adopting deepfreeze we have discontinued use of fortress 101 I still
like the product.

-----Original Message-----
From: I Freecycle [mailto:i.freecycle.too () gmail com] 
Sent: Wednesday, June 28, 2006 12:02 PM
To: security-basics () securityfocus com
Subject: Rights

Hello,

I'm wondering how others deal with allowing users rights on work
computers.

At our school, users aren't normally given Administrator or Power User
rights unless it's absolutely necessary.  Occasionally we
encounter employees and students that don't understand how easily a
system can be messed up and the security issues involved nor why we
feel it's necessary to operate like this.


I would like to know what others do, and what policies they have in
place to address these issues.

Thanks,

------------------------------------------------------------------------
---
This list is sponsored by: Norwich University

EARN A MASTER OF SCIENCE IN INFORMATION ASSURANCE - ONLINE
The NSA has designated Norwich University a center of Academic
Excellence 
in Information Security. Our program offers unparalleled Infosec
management 
education and the case study affords you unmatched consulting
experience. 
Using interactive e-Learning technology, you can earn this esteemed
degree, 
without disrupting your career or home life.

http://www.msia.norwich.edu/secfocus
------------------------------------------------------------------------
---




------------------------------------------------------------------------
---
This list is sponsored by: Norwich University

EARN A MASTER OF SCIENCE IN INFORMATION ASSURANCE - ONLINE
The NSA has designated Norwich University a center of Academic
Excellence 
in Information Security. Our program offers unparalleled Infosec
management 
education and the case study affords you unmatched consulting
experience. 
Using interactive e-Learning technology, you can earn this esteemed
degree, 
without disrupting your career or home life.

http://www.msia.norwich.edu/secfocus
------------------------------------------------------------------------
---

-- 
No virus found in this incoming message.
Checked by AVG Free Edition.
Version: 7.1.394 / Virus Database: 268.9.4/375 - Release Date: 6/25/2006
 

-- 
No virus found in this outgoing message.
Checked by AVG Free Edition.
Version: 7.1.394 / Virus Database: 268.9.4/375 - Release Date: 6/25/2006
 


------------------------------------------------------------------------
---
This list is sponsored by: Norwich University

EARN A MASTER OF SCIENCE IN INFORMATION ASSURANCE - ONLINE
The NSA has designated Norwich University a center of Academic
Excellence 
in Information Security. Our program offers unparalleled Infosec
management 
education and the case study affords you unmatched consulting
experience. 
Using interactive e-Learning technology, you can earn this esteemed
degree, 
without disrupting your career or home life.

http://www.msia.norwich.edu/secfocus
------------------------------------------------------------------------
---




---------------------------------------------------------------------------
This list is sponsored by: Norwich University

EARN A MASTER OF SCIENCE IN INFORMATION ASSURANCE - ONLINE
The NSA has designated Norwich University a center of Academic Excellence
in Information Security. Our program offers unparalleled Infosec management
education and the case study affords you unmatched consulting experience.
Using interactive e-Learning technology, you can earn this esteemed degree,
without disrupting your career or home life.

http://www.msia.norwich.edu/secfocus
---------------------------------------------------------------------------