Re: Securing common access computers

[Patrick Goggins <pgoggins () CARROLLU EDU>]

Deepfreeze here as well.

-----Original Message-----
From: The EDUCAUSE Security Constituent Group Listserv [mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of Amber 
Weishaar
Sent: Wednesday, March 24, 2010 4:15 PM
To: SECURITY () LISTSERV EDUCAUSE EDU
Subject: Re: [SECURITY] Securing common access computers

Deep Freeze for us, too.
Amber

On Mar 24, 2010, at 5:06 PM, SCHALIP, MICHAEL wrote:

> We use DeepFreeze, too.....Are there any other options to this  
> software?.....or is this "the state of the art"?
>
> -----Original Message-----
> From: The EDUCAUSE Security Constituent Group Listserv [mailto:SECURITY () LISTSERV EDUCAUSE EDU 
> ] On Behalf Of Zach Jansen
> Sent: Wednesday, March 24, 2010 2:39 PM
> To: SECURITY () LISTSERV EDUCAUSE EDU
> Subject: Re: [SECURITY] Securing common access computers
>
> We use a program called Deepfreeze from Faronics to secure the  
> public lab machines from configuration changes. Basically it removes  
> any changes from a machine upon reboot, returning it to the state it  
> was deployed in. The nice thing here is that students can do  
> whatever they want on the machines, such as install software, change  
> settings, and it's removed on reboot. Faronics has a similar program  
> for kiosk type machines, though it has some additional browser  
> lockdown features.
>
> We do have individual logins for accountability, except on kiosk  
> machines, and have few problems with misuse. Kiosk machines are more  
> likely to be abused since anyone can use them without a login.  
> Deepfreeze does tend to make investigation harder, though not  
> impossible.
>
> Hardware keyloggers are certainly a threat, though I've yet to run  
> into one in my environment.
>
> Zach Jansen
>
>
>
>
>
> -- 
> Zach Jansen
> Information Security Officer
> Calvin College
> Phone: 616.526.6776
> Fax: 616.526.8550
>
> > > > On 3/24/2010 at 12:08 PM, in message
> <EB4A14AA71CE71448233A27D6E0953B101DF98C3392E () SNHU-CCR-A snhu edu>,  
> "Witmer,
> Robert" <r.witmer () SNHU EDU> wrote:
> > Even though we require every student to have a laptop computer,  
> > historically
> > our organization has provided personal computers in common areas  
> > around main
> > campus/remote campuses for students to access specialized software,  
> > print
> > papers, access email or their student accounts, etc.   I'm  
> > wondering how
> > other organizations are securing their common access computers  
> > located in pc
> > labs, library, etc.  Specifically, from a hardware point of view,  
> > does
> > someone inventory every device for hardware key loggers/recording  
> > devices?
> > Do you require users to log into the machine for accountability?   
> > Do you
> > restrict users from executing programs other than those you've  
> > loaded on the
> > pc?
> >
> > Thanks,
> > Bob
> >
> >
> > Please consider the environment before printing this e-mail.
>
> -- 
> This message has been scanned for viruses and
> dangerous content by MailScanner, and is
> believed to be clean.
>
>
> -- 
> This message has been scanned for viruses and
> dangerous content by MailScanner, and is
> believed to be clean.