Re: Securing common access computers

[Cal Frye <cjf () CALFRYE COM>]

On 3/24/10 12:08 PM, Witmer, Robert wrote:
>  I’m wondering how other organizations are securing
> their common access computers located in pc labs, library, etc.
> Specifically, from a hardware point of view, does someone inventory
> every device for hardware key loggers/recording devices?  Do you require
> users to log into the machine for accountability?  Do you restrict users
> from executing programs other than those you’ve loaded on the pc?

We use Novell ZenWorks both to image the Windows machines and to provide
a "Dynamic Local User" account that is deleted again at logout. Our Macs
enjoy a somewhat looser arrangement. Both are somewhat locked down using
the tools available in the OS.

Separately, I've had some good success with the Windows SteadyState
utility from Microsoft that also helps keep a clean local user profile.
Worth a look, and the price is right.

--
Best regards
-- Cal Frye, Network Administrator, Oberlin College
   Mudd Library, x.56930 -- CIT will NEVER ask you for your password!

   www.calfrye.com,  www.oberlin.edu/cit/

"Good, fast, & cheap: Which two would you like?" -- RFC 1925.