Educause Security Discussion mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Peeling off desktop Administrator Rights

From: randy marchany <marchany () VT EDU>
Date: Mon, 7 Dec 2009 19:37:00 -0500

You say you did not see a "significant increase in bad events happening in
those environments" where users can install whatever they want, but do you
know if the systems were being monitored?  It has been my experience that
when IT lets users have full admin access the system logs are not monitored,
AV gets turned off (to many pop ups), system backups are not done, etc.
-Eric



Sorry, I didn't mean to imply that there was no sysadmin control of
those systems. The user has local admin rights but there is still some
sort of overall sysadmin support for the machine so there would still
be monitoring done. Standalone machine would only be picked up by
whatever IDS/IPS you have on your net.

-r.

I
Previous By Date Next
Previous By Thread Next

Current thread: