Educause Security Discussion mailing list archives
Re: Other software like Google Desktop V.3
From: Graham Toal <gtoal () UTPA EDU>
Date: Wed, 15 Feb 2006 13:17:41 -0600
We are planning to put out a campus notice concerning Google Desktop and request that it NOT be installed and used. Can anyone share with me other names of similar software that will do the same thing?
I appreciate what you're trying to do and I know this isn't the answer you're looking for, but I'll say it anyway :-) ... If you physically allow people to install software and rely on their common sense and restraint not to install software that is against your policy, you're fighting a loosing battle. All that a policy like this will give you is an opportunity to pursue disciplinary action after the event - it won't help reduce the problem, whatever that is perceived as being. Obviously the simple answer to your question is to add "and any other desktop search software which could expose restricted data to unauthorized people" rather than enumerating which programs specifically are not allowed, but the proper way to handle this is to make your users into Windows "user"s rather than "power user" or "administrator", and use Group Policy or SMS to list only the programs which are *allowed* to be installed on your desktops. I know we're all in an academic environment and historically we've been focussed on the academic staff and therefore a tightly locked down computing environment has seldom been an option. But we have to look on our staff (as opposed to faculty) as employees of a business and quite separate from the academics, and start thinking seriously about supplying a far more restrictive environment for them, whenever we can. The vast majority of regular workers need email, word processors, the usual office suite of goodies; they don't need the ability to install Party Poker... The two biggest security issues come from allowing people to browse the web and to read email. Both of those are probably necessary for work but they can be far better controlled than we usually do. For instance both could be done in a throw-away vmware player environment, except for a few cases such as saving attachments. Anyway, bottom line answer to your question - think bigger than just blocking Google Desktop and similar programs. Band-aid measures *will* fail, and doing it properly is going to be a major undertaking so start thinking about how to do it as early as possible. Graham
Current thread:
- Other software like Google Desktop V.3 Theresa Semmens (Feb 15)
- <Possible follow-ups>
- Re: Other software like Google Desktop V.3 Brad Miller (Feb 15)
- Re: Other software like Google Desktop V.3 Graham Toal (Feb 15)
- Re: Other software like Google Desktop V.3 Theresa Semmens (Feb 15)