Re: Public Facing Resources

[Shane Kroening <0000029bc930dd68-dmarc-request () LISTSERV EDUCAUSE EDU>]

Hi Emilie,

In my experience managing public facing tech, I’ve taken two approaches:


  1.  Using generic logins, but locking them down to that specific device (or devices).
  2.  Using smartcards, PINs, or similar tech that people can checkout to be able to authenticate and get on a specific 
device (or devices).


In both scenarios we’ve also configured imaging software (deep freeze and ghost are common) to wipe the device after 
each use and deployed policies to ensure the user has limited access, session timeout, etc.

Hope that helps!
Shane

Shane Kroening  [signature_796095325] <https://www.linkedin.com/company/qualys>
Technical Account Manager, Pre-Sales, Central (SLED)

skroening () qualys com<mailto:skroening () qualys com>
414.791.5674

Qualys, Inc. – Blog<https://qualys.com/blog> | Community<https://community.qualys.com/> | 
Twitter<https://twitter.com/qualys>



From: The EDUCAUSE Security Community Group Listserv <SECURITY () LISTSERV EDUCAUSE EDU> on behalf of Emilie Kunze 
<ekunze () AUSTINCC EDU>
Date: Wednesday, August 4, 2021 at 3:19 PM
To: SECURITY () LISTSERV EDUCAUSE EDU <SECURITY () LISTSERV EDUCAUSE EDU>
Subject: [SECURITY] Public Facing Resources
Hello all!

Curious how other institutions handle access to public facing technology for visitors on campuses (i.e. PC;s, printers 
etc).  We are trying to move the college away from generic logins and develop standards.
.
Use cases that have been presented:

  *   Prospective Students (needing to fill out paperwork)
  *   Visiting Professors (may need access to print as well)
  *   Visiting Vendors
  *   Teacher Cohorts
  *   Community Representatives
  *   Visitors to the Library (we are a community college and allow the community to use our libraries)
Thank you,
Emilie

[https://lh5.googleusercontent.com/8TGVFPsiEyy3_TXFjMAe-lCBkyXwyGevnGxIvGdvcCw3hjOZXmPHYbmZT0pi_gZG5RkwAY-Hr0A_XFdoepzZEFuNDmYnRMqD-9ud3Hyk-fMTIXJpmQ2qt5M1SGUDHcrQ6M_D9CrN]<https://austincc.edu/>

Emilie Kunze

IT Security Analyst Sr.

Acting Information Security Officer

Office of Information Technology

ekunze () austincc edu<mailto:ekunze () austincc edu>  | o 512-223-1157

ACC Information Security<https://it.austincc.edu/departments/information-security/>

      
[https://lh3.googleusercontent.com/3i9G30Fg3ZAiC3mZdiMpvQRradC3TjjCk-pdmKCGV_fzPcMSzNSQE7rf9y9DqgXUxJxxl35vf4rLx4n1kM_DpBsJJjbxv9EcmSmUwSHZdlZxsP2Dc_UngTyQv3pHCl6VhsG5Lfio]
 <https://www.facebook.com/accinfosec/>     
[https://lh5.googleusercontent.com/-i9vIi5rgXE71dcrX6-3bGqGXXd0B3y8YE4Q25USF9da5jZ2Slz-TeACb7E26aea5om8HOq35WMxxecKyIBRBaAEAipDnYr8hice3MMzGl1G-l7r9tpbmZ8S_SCmCRsTJ8yWtK3l]
 <https://twitter.com/ACCInfoSec>


                                                  CONFIDENTIAL NOTICE
This communication, including any attachments, may contain confidential information and is intended only for the 
individual or entity to which it is addressed. Any review, dissemination, or copying of this communication by anyone 
other than the intended recipient is strictly prohibited. If you are not the intended recipient, please contact the 
sender by reply e-mail, delete and destroy all copies of the original message.


**********
Replies to EDUCAUSE Community Group emails are sent to the entire community list. If you want to reply only to the 
person who sent the message, copy and paste their email address and forward the email reply. Additional participation 
and subscription information can be found at https://www.educause.edu/community



[https://d1dejaj6dcqv24.cloudfront.net/asset/image/email-banner-384-2x.png]<https://www.qualys.com/email-banner>



This message may contain confidential and privileged information. If it has been sent to you in error, please reply to 
advise the sender of the error and then immediately delete it. If you are not the intended recipient, do not read, 
copy, disclose or otherwise use this message. The sender disclaims any liability for such unauthorized use. NOTE that 
all incoming emails sent to Qualys email accounts will be archived and may be scanned by us and/or by external service 
providers to detect and prevent threats to our systems, investigate illegal or inappropriate behavior, and/or eliminate 
unsolicited promotional emails (“spam”). If you have any concerns about this process, please contact us.

**********
Replies to EDUCAUSE Community Group emails are sent to the entire community list. If you want to reply only to the 
person who sent the message, copy and paste their email address and forward the email reply. Additional participation 
and subscription information can be found at https://www.educause.edu/community