Educause Security Discussion mailing list archives
Re: Removal of Admin Access on PCs
From: "Stanclift, Michael" <michael.stanclift () ROCKHURST EDU>
Date: Thu, 8 Oct 2009 12:41:55 -0500
Board up the windows to your offices, lift up the draw bridge, make sure the moat is sufficiently stocked with alligators and then blast out a campus wide email. In all seriousness, we removed local administrator access about three years ago and while it was difficult at first, it gets easier over time. We have a process of approving software installs now that the faculty is pretty familiar with and we try and give them a quick turn around on submission-approval-install. Our view tends to be that if they have a obvious or compelling academic need for something there is little we can do to stop it, unless there is an obvious or compelling security or legal reason for us to deny it. Michael Stanclift Network Analyst Rockhurst University http://help.rockhurst.edu<http://help.rockhurst.edu/> (816) 501-4231 PThink before you print! From: The EDUCAUSE Security Constituent Group Listserv [mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of James R. Pardonek Sent: Thursday, October 08, 2009 11:47 AM To: SECURITY () LISTSERV EDUCAUSE EDU Subject: [SECURITY] Removal of Admin Access on PCs If this has been discussed before, I apologize. We have been instructed by our internal auditors to remove administrator rights from all PCs on campus. We have chosen a product, Desktop Authority, to do this. The discussion we had was regarding the potential push back from faculty if the "approved" list of applications does not align with what an individual faculty member needs to teach or do research. I would like some feedback on what others have done to comply with the auditors, yet keep peace with their faculty. Thank you! James R. Pardonek, CISSP Senior Network Administrator Purdue University Calumet Data Network Information Services Purdue University Calumet Hammond, Indiana
Current thread:
- Removal of Admin Access on PCs James R. Pardonek (Oct 08)
- <Possible follow-ups>
- Re: Removal of Admin Access on PCs Stanclift, Michael (Oct 08)