Educause Security Discussion mailing list archives
Local Admin Rights
From: Brian Fetcie <fetcieb () CANTON EDU>
Date: Tue, 15 Mar 2005 08:04:34 -0500
Good morning... On our campus, when a computer is configured for a faculty or staff member the user's account is setup as a local admin. Needless to say that this has caused a great deal of grief in the fight against viruses and spyware. We have a number of users who feel that the computer is their's to do with as they wish, irrelevant of what the asset tag may say. In the previous semester, our campus was hit with a major IRCbot infection. Our lab PCs, which we tightly control, came though essentially unscathed. Our faculty and staff PCs were clobbered. We are preparing a policy to remove local admin privs from the faculty and staff members. The primary justification being an attempt to lessen our vulnerability. I'm curious as to what other campuses are doing in regards to this issue. How did you handle the politics (i.e. the power user, or even average user, who are convinced they must have admin privs)? I'm interested in any experiences, the good, the bad and the ugly. Thank you in advance. Brian -- ------------------------------ Brian Fetcie Systems/Security Administrator -------------------------- SUNY Canton 34 Cornell Drive Canton, NY 13617 -------------------------- fetcieb () canton edu ------------------------------ ********** Participation and subscription information for this EDUCAUSE Discussion Group discussion list can be found at http://www.educause.edu/groups/.
Current thread:
- Local Admin Rights Brian Fetcie (Mar 15)
- <Possible follow-ups>
- Re: Local Admin Rights Jacobson, James (Mar 15)
- Re: Local Admin Rights Michelle Mueller (Mar 15)
- Re: Local Admin Rights Gary Flynn (Mar 15)
- Re: Local Admin Rights Matt Kirchhoff (Mar 15)
- Re: Local Admin Rights Brian Fetcie (Mar 15)
- Re: Local Admin Rights Jeff Giacobbe (Mar 15)
- Re: Local Admin Rights Krulewitch, Sean (Mar 28)