Educause Security Discussion mailing list archives
Re: Securing common access computers
From: Patrick Goggins <pgoggins () CARROLLU EDU>
Date: Wed, 24 Mar 2010 16:16:08 -0500
Deepfreeze here as well. -----Original Message----- From: The EDUCAUSE Security Constituent Group Listserv [mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of Amber Weishaar Sent: Wednesday, March 24, 2010 4:15 PM To: SECURITY () LISTSERV EDUCAUSE EDU Subject: Re: [SECURITY] Securing common access computers Deep Freeze for us, too. Amber On Mar 24, 2010, at 5:06 PM, SCHALIP, MICHAEL wrote:
We use DeepFreeze, too.....Are there any other options to this software?.....or is this "the state of the art"? -----Original Message----- From: The EDUCAUSE Security Constituent Group Listserv [mailto:SECURITY () LISTSERV EDUCAUSE EDU ] On Behalf Of Zach Jansen Sent: Wednesday, March 24, 2010 2:39 PM To: SECURITY () LISTSERV EDUCAUSE EDU Subject: Re: [SECURITY] Securing common access computers We use a program called Deepfreeze from Faronics to secure the public lab machines from configuration changes. Basically it removes any changes from a machine upon reboot, returning it to the state it was deployed in. The nice thing here is that students can do whatever they want on the machines, such as install software, change settings, and it's removed on reboot. Faronics has a similar program for kiosk type machines, though it has some additional browser lockdown features. We do have individual logins for accountability, except on kiosk machines, and have few problems with misuse. Kiosk machines are more likely to be abused since anyone can use them without a login. Deepfreeze does tend to make investigation harder, though not impossible. Hardware keyloggers are certainly a threat, though I've yet to run into one in my environment. Zach Jansen -- Zach Jansen Information Security Officer Calvin College Phone: 616.526.6776 Fax: 616.526.8550On 3/24/2010 at 12:08 PM, in message<EB4A14AA71CE71448233A27D6E0953B101DF98C3392E () SNHU-CCR-A snhu edu>, "Witmer, Robert" <r.witmer () SNHU EDU> wrote:Even though we require every student to have a laptop computer, historically our organization has provided personal computers in common areas around main campus/remote campuses for students to access specialized software, print papers, access email or their student accounts, etc. I'm wondering how other organizations are securing their common access computers located in pc labs, library, etc. Specifically, from a hardware point of view, does someone inventory every device for hardware key loggers/recording devices? Do you require users to log into the machine for accountability? Do you restrict users from executing programs other than those you've loaded on the pc? Thanks, Bob Please consider the environment before printing this e-mail.-- This message has been scanned for viruses and dangerous content by MailScanner, and is believed to be clean. -- This message has been scanned for viruses and dangerous content by MailScanner, and is believed to be clean.
Current thread:
- Securing common access computers Witmer, Robert (Mar 24)
- <Possible follow-ups>
- Re: Securing common access computers Patrick Goggins (Mar 24)
- Re: Securing common access computers Zach Jansen (Mar 24)
- Re: Securing common access computers Cal Frye (Mar 24)
- Re: Securing common access computers SCHALIP, MICHAEL (Mar 24)
- Re: Securing common access computers Amber Weishaar (Mar 24)
- Re: Securing common access computers Patrick Goggins (Mar 24)
- Re: Securing common access computers Todd Britton (Mar 24)
- Re: Securing common access computers David Gillett (Mar 24)
- Re: Securing common access computers Terence Ma (Mar 24)
- Re: Securing common access computers Michael Sana (Mar 24)
- Re: Securing common access computers SCHALIP, MICHAEL (Mar 24)
- Re: Securing common access computers Michael Sana (Mar 24)
- Re: Securing common access computers Brewer, Alex D (Mar 25)
- Re: Securing common access computers Witmer, Robert (Mar 25)
- Re: Securing common access computers James R. Pardonek (Mar 25)
- Re: Securing common access computers Zach Jansen (Mar 25)