Educause Security Discussion mailing list archives
Re: User Privilege Levels, The Sequel.
From: "Stanclift, Michael" <michael.stanclift () ROCKHURST EDU>
Date: Thu, 26 Feb 2009 09:08:36 -0600
We use Remote Desktop for times when they must login and Windows Remote Assistance with "Run As" if they can do it for the user. It's rare that they must actually go touch a machine to get something installed with this. We also publish as much as we can with MSIs and group policy, and make them user installable if we need to. Michael Stanclift Network Analyst Rockhurst University http://help.rockhurst.edu (816) 501-4231 -----Original Message----- From: The EDUCAUSE Security Constituent Group Listserv [mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of Matthew Gracie Sent: Thursday, February 26, 2009 9:05 AM To: SECURITY () LISTSERV EDUCAUSE EDU Subject: [SECURITY] User Privilege Levels, The Sequel. First of all, thanks very much to the people who have responded to my initial email about user privileges on their own desktops. We're currently in an environment where _everyone_ is an admin, and you gave me a lot of ammunition to justify buttoning that up. A followup question -- some of the pushback against outfitting users with User rights instead of Administrator has come from our support group, who (understandably) don't want to make house calls every time someone wants to check out a new piece of software. What sort of methodology are people using to handle one-off software requests? How is a request made, and what mechanism is used to get the installation done? Thanks for your input, --Matt -- Matt Gracie (716) 888-8378 Information Security Administrator graciem () canisius edu Canisius College ITS Buffalo, NY http://www2.canisius.edu/~graciem/graciem_public_key.gpg
Current thread:
- User Privilege Levels, The Sequel. Matthew Gracie (Feb 26)
- <Possible follow-ups>
- Re: User Privilege Levels, The Sequel. Stanclift, Michael (Feb 26)
- Re: User Privilege Levels, The Sequel. Karen Stopford (Feb 26)