Re: Securing common access computers

[Amber Weishaar <aweishaar () UINDY EDU>]

Deep Freeze for us, too.
Amber

On Mar 24, 2010, at 5:06 PM, SCHALIP, MICHAEL wrote:

> We use DeepFreeze, too.....Are there any other options to this
> software?.....or is this "the state of the art"?
>
> -----Original Message-----
> From: The EDUCAUSE Security Constituent Group Listserv [mailto:SECURITY () LISTSERV EDUCAUSE EDU
> ] On Behalf Of Zach Jansen
> Sent: Wednesday, March 24, 2010 2:39 PM
> To: SECURITY () LISTSERV EDUCAUSE EDU
> Subject: Re: [SECURITY] Securing common access computers
>
> We use a program called Deepfreeze from Faronics to secure the
> public lab machines from configuration changes. Basically it removes
> any changes from a machine upon reboot, returning it to the state it
> was deployed in. The nice thing here is that students can do
> whatever they want on the machines, such as install software, change
> settings, and it's removed on reboot. Faronics has a similar program
> for kiosk type machines, though it has some additional browser
> lockdown features.
>
> We do have individual logins for accountability, except on kiosk
> machines, and have few problems with misuse. Kiosk machines are more
> likely to be abused since anyone can use them without a login.
> Deepfreeze does tend to make investigation harder, though not
> impossible.
>
> Hardware keyloggers are certainly a threat, though I've yet to run
> into one in my environment.
>
> Zach Jansen
>
>
>
>
>
> --
> Zach Jansen
> Information Security Officer
> Calvin College
> Phone: 616.526.6776
> Fax: 616.526.8550
>
> > > > On 3/24/2010 at 12:08 PM, in message
> <EB4A14AA71CE71448233A27D6E0953B101DF98C3392E () SNHU-CCR-A snhu edu>,
> "Witmer,
> Robert" <r.witmer () SNHU EDU> wrote:
> > Even though we require every student to have a laptop computer,
> > historically
> > our organization has provided personal computers in common areas
> > around main
> > campus/remote campuses for students to access specialized software,
> > print
> > papers, access email or their student accounts, etc.   I'm
> > wondering how
> > other organizations are securing their common access computers
> > located in pc
> > labs, library, etc.  Specifically, from a hardware point of view,
> > does
> > someone inventory every device for hardware key loggers/recording
> > devices?
> > Do you require users to log into the machine for accountability?
> > Do you
> > restrict users from executing programs other than those you've
> > loaded on the
> > pc?
> >
> > Thanks,
> > Bob
> >
> >
> > Please consider the environment before printing this e-mail.
>
> --
> This message has been scanned for viruses and
> dangerous content by MailScanner, and is
> believed to be clean.
>
>
> --
> This message has been scanned for viruses and
> dangerous content by MailScanner, and is
> believed to be clean.