Re: Don't Display Last Username??

[Dennis Tracz <dntracz () UCALGARY CA>]

I concur with Chris, this is definitely a good thing to do but would not 
go to the top of my list.

Gibson, Nathan J. (HSC) wrote:
> Can I ask how many organization prohibit displaying the username of 
> the last user on a computer at the login screen?
>
> What are your specific justifications for this?
>
> Every “ security best practices” document I have read suggests 
> enabling this setting on the domain, however I need to justify it. I 
> have a list that has some good points but I wanted to see the 
> justification other security practitioners have for their organization.
>
> What risk does it help mitigate in your organization?
>
> Thanks in advance!
>
> V/R,
>
> */Gibby/*
>
> Nathan J. Gibson, CISSP-CISM-CCNA-MCSA
>
> Information Security Analyst
>
> The University of Oklahoma HSC
>
> Office: (405) 271-2476 *|* Fax: (405) 271-2181 *|* Cell: (405) 397 5134
>
> http://it.ouhsc.edu/services/infosecurity
>
> ______________________________________________
>
> "Lack of will power has caused more failure than lack of intelligence 
> or ability."
> -- Flower A. Newhouse --
>
> Confidentiality Notice
>
> This e-mail, including any attachments, contains information from the 
> University of Oklahoma Health Sciences Center, which may be 
> confidential or privileged. The information is intended to be for the 
> use of the individual or entity named above. If you are not the 
> intended recipient, be aware that any disclosure, copying, 
> distribution or use of the contents of this information is prohibited.
>
> If you have received this e-mail in error, please notify the sender 
> immediately by a "reply to sender only" message and destroy all 
> electronic and hard copies of the communication, including attachments.

--
Dennis N. Tracz CISSP-ISSMP, CISM
Information Security Officer
University of Calgary
(403) 220-4010

Attachment: dntracz.vcf
Description: