Educause Security Discussion mailing list archives
Re: Open access to student labs
From: Greg Vickers <g.vickers () QUT EDU AU>
Date: Thu, 21 Dec 2006 09:20:44 +1000
Hi Boaz, Boaz Gelbord wrote:
Dear all, I would be interested in knowing how many institutions have student labs with open access versus forcing users to login. At the New School we have open labs in which students need to identify themselves at the front desk but can then just sit in front of a terminal and work without logging in (we also have some public terminals in the cafeteria and elsewhere where no ID is required). These machines are locked down so that students have no administrative privileges. Forcing users to login at the labs would be a technical challenge and create extra work for our helpdesk but would help us track down users who violate our policies or in case of an incident.
Here at QUT there are ~2000 lab hosts across four geographical locations. Central labs are managed by one group (~1500 hosts) and the other lab hosts are spread across other faculties/schools. We have an AD implementation and to get access to a lab host a student has to use their student number and password to log onto a lab host. Some labs are protected by swipe access using the Cardax system, but this does not stop a student who will wait at a door until someone else with swipe access comes along and lets them in. This is not a huge problem, it's just not a guaranteed method of restriction physical access to a computer lab. The central lab hosts use a combination of Rembo and DeepFreeze to re-image the PC after a student has finished using it, a reboot is forced when a student logs off, so any data that user left behind (either saved files or cached/temp data/files) is removed from casual retrieval. The students have administrative access to these hosts so they can do what they like to these computers. Most Faculty/School computers use a similar image management technique, (or Ghost) and do not grant administrative access for student accounts. Feel free to email me if you have any questions. -- Greg Vickers IT Security Engineer & Project Manager IT Security, Network Services, Information Technology Services Queensland University of Technology L12, 126 Margaret St, Brisbane Phone: +61 7 3138 9536 Mobile: 0410 434 734 Fax: +61 7 3138 2921 Email: g.vickers () qut edu au IT Security web site: http://www.its.qut.edu.au/itsecurity/ CRICOS No. 00213J
Current thread:
- Open access to student labs Boaz Gelbord (Dec 20)
- <Possible follow-ups>
- Re: Open access to student labs Hull, Dave (Dec 20)
- Re: Open access to student labs clementz.7 (Dec 20)
- Re: Open access to student labs Ken Connelly (Dec 20)
- Re: Open access to student labs Samuel Young (Dec 20)
- Re: Open access to student labs Greg Vickers (Dec 20)
- Re: Open access to student labs Ken Martin (Dec 20)
- Re: Open access to student labs Keith Furrow (Dec 21)
- Re: Open access to student labs Boaz Gelbord (Dec 22)
- Re: Open access to student labs Dave Koontz (Dec 22)