Security Basics mailing list archives
Re: Block simulteneuos logons
From: rohnskii () gmail com
Date: 7 Nov 2007 22:12:40 -0000
AD has an option to limit the number of simultaneous logons. Just set it to 1. They can logon from work or home, not both at same time. That is the brute force approach. But don't you have a corporate policy for computer use? Company computing resources to be used for company purpose only, or something to that effect. Have HR review the policy with the users and make the point that allowing family to use corporate computer is against policy and could cost them their job! If you don't have such a policy, you should probably suggesting getting one. As well, part of the main policy or a separate policy would be to NEVER share userid/password with anyone else (ie family), including technical support (who should only use their own ID). Another option might to be limit the time they can dial in. Do they normally work from home or on the road during the day? If not, don't let them dial in during work hours.
Current thread:
- Block simulteneuos logons jd (Nov 07)
- Re: Block simulteneuos logons Ansgar -59cobalt- Wiechers (Nov 07)
- RE: Block simulteneuos logons Holtz,Robert (Nov 07)
- <Possible follow-ups>
- Re: Block simulteneuos logons rohnskii (Nov 07)
- Re: Re: Block simulteneuos logons bjenkin (Nov 08)