Re: Asset management, laptops as kiosks

["Phillip Fernandes" <pFernandes () voxdata com>]

Rob is correct, AD still applies. It should be noted however that the 
user must have logged on the machine at least once for caching to work.
What I normally do is create a global user with minimal rights 
specifically for access to machines used in trade shows. 
As you said, you can also create a local user for each machine, but the 
process becomes tedious when working with many devices. 

This email was sent from a Blackberry device.

----- Original Message -----
From: Rob <synja () synfulvisions com>
To: forest.monsen () gmail com <forest.monsen () gmail com>; 
listbounce () securityfocus com <listbounce () securityfocus com>; 
security-basics () securityfocus com <security-basics () securityfocus com>
Sent: Tue Jul 05 14:25:59 2011
Subject: Re: Asset management, laptops as kiosks

Active Directory still applies, even if a DC cannot be reached, you just 

have to make sure information is cached.

Rob
Sent via BlackBerry by AT&T

-----Original Message-----
From: forest.monsen () gmail com
Sender: listbounce () securityfocus com
Date: Tue, 5 Jul 2011 17:58:16 
To: <security-basics () securityfocus com>
Subject: Asset management, laptops as kiosks

I'm working with a group that has set aside essentially no budget for 
security, or even for a new laptop at this point.
 
They do have several Windows 7 laptops. They want to use them both as 
reduced-capability or locked-down "kiosks" at conferences (usually 
locked in a cabinet, but with external monitor/mouse/keyboard attached, 
so hardware ports are not accessible), and also let the staff use them 
with full capabilities to work when traveling (they may need to update 
the browser, et cetera).

The organization does already have an Active Directory server setup to 
authenticate folks when they're working inside their firewall, but at 
conferences, when they need the "kiosk-style" functionality, they might 
not have reliable Internet access. So it sounds like they need accounts 
on the local machine.

Without having their staff memorize new passwords -- one for each 
laptop's local account in addition to their Active Directory-managed 
password -- what's a good way for them to use these as dual-purpose 
machines?

------------------------------------------------------------------------
Securing Apache Web Server with thawte Digital Certificate
In this guide we examine the importance of Apache-SSL and who needs an 
SSL certificate.  We look at how SSL works, how it benefits your company 

and how your customers can tell if a site is secure. You will find out 
how to test, purchase, install and use a thawte Digital Certificate on 
your Apache web server. Throughout, best practices for set-up are 
highlighted to help you ensure efficient ongoing management of your 
encryption keys and digital certificates.

http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1
------------------------------------------------------------------------


--
This message was scanned by ESVA and is believed to be clean.
Click here to report this message as spam. 
http://esva.voxdata.com/cgi-bin/learn-msg.cgi?id=1B51D28533.71821




#--
#This message was scanned by ESVA and is believed to be clean.


------------------------------------------------------------------------
Securing Apache Web Server with thawte Digital Certificate
In this guide we examine the importance of Apache-SSL and who needs an SSL certificate.  We look at how SSL works, how 
it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase, 
install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are 
highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates.

http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1
------------------------------------------------------------------------