Educause Security Discussion mailing list archives
Re: virtual machines
From: "SCHALIP, MICHAEL" <mschalip () CNM EDU>
Date: Mon, 22 Mar 2010 09:30:02 -0600
I've dealt with this kind of possibility in a previous life - and the first step to any kind of control measures would be to make sure that you've got a local policy in place first. You can always try to control something like this with technology - but then you're stuck chasing the problem. If you clearly define the policy first, and clearly delineate why you want to control this kind of technology, and the risks that it presents - then you can usually take care of 80% of the problem up front - the "rule followers" will comply. But then comes the remaining 20% - the folks that will either go around your policy because either they've got a legitimate business need, or they want to go around the policy to prove to you that they can.....(those are always the fun ones!!) After that - if we came across something that was then outside of policy - then we could take 2 paths: personnel action *and* technological protections..... M From: The EDUCAUSE Security Constituent Group Listserv [mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of Drake, Craig Sent: Monday, March 22, 2010 8:49 AM To: SECURITY () LISTSERV EDUCAUSE EDU Subject: [SECURITY] virtual machines I am not sure if anybody has mentioned this on this list before or not. I was wondering if anybody is doing anything to control/restrict virtual machines running on users computers? This could be a potentially very dangerous situation with users running rogue virtual machines on their office computers. They could essentially install anything they want in a virtual machines or bring infected virtual machines from offsite onto our faculty/staff/admin networks. They could get around any restrictions we place on our physical desktop/laptop computers. With the ability of NAT'ing these virtual machines through the host machine's network connection, it would be very difficult to track them down if there is a problem. Thoughts? Craig Drake Senior Systems Administrator Network and Distributed Services Northeastern Illinois University Phone: (773)442-4386 Email: c-drake () neiu edu [cid:image001.jpg@01CAC9A0.FEB5AD30] -- This message has been scanned for viruses and dangerous content by MailScanner<http://www.mailscanner.info/>, and is believed to be clean. -- This message has been scanned for viruses and dangerous content by MailScanner, and is believed to be clean.
Current thread:
- virtual machines Drake, Craig (Mar 22)
- <Possible follow-ups>
- Re: virtual machines Ozzie Paez (Mar 22)
- Re: virtual machines Patrick Goggins (Mar 22)
- Re: virtual machines Julian Y. Koh (Mar 22)
- Re: virtual machines SCHALIP, MICHAEL (Mar 22)
- Re: virtual machines SCHALIP, MICHAEL (Mar 22)
- Re: virtual machines Mike Lococo (Mar 22)