Educause Security Discussion mailing list archives

Re: Desktop Administrator Question

From: "Lazarus, Carolann" <lazarus () BUFFALO EDU>
Date: Wed, 1 Feb 2012 08:37:38 -0500

Same here.  I have admin access, but I had to request it.  We have moved away from it because of the risks.  So some 
users have it and some don't. So I answered the third question yes, but I'm not sure that was the information you 
really wanted. 

Carolann G Lazarus, CISA
IT Auditor
lazarus () buffalo edu
716-829-6947


-----Original Message-----
From: The EDUCAUSE Security Constituent Group Listserv [mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of Joel 
Rosenblatt
Sent: Wednesday, February 01, 2012 12:17 AM
To: SECURITY () LISTSERV EDUCAUSE EDU
Subject: Re: [SECURITY] Desktop Administrator Question

Hi,

I looked at your survey and I would suggest that you add a qualifier to your third question.

We allow administrative access UNLESS the desktop is used to process university sensitive information - so the answer 
is not yes or no, but it depends.

Thanks,
Joel Rosenblatt

Joel Rosenblatt, Manager Network & Computer Security
Columbia Information Security Office (CISO)
Columbia University, 612 W 115th Street, NY, NY 10025 / 212 854 3033
http://www.columbia.edu/~joel
Public PGP key
http://pgp.mit.edu:11371/pks/lookup?op=get&search=0x90BD740BCC7326C3



--On Tuesday, January 31, 2012 11:12 PM +0000 "Johnson, Jeff" <JJOHNS86 () DEPAUL EDU> wrote:

Hello Everyone,

DePaul is currently evaluating how we have access rights and roles setup on desktop/laptop computers at the 
institution.  We currently give all employees
administrator rights to their desktop computer.  Our understanding is that most institutes of higher education are 
offering employees of the institution
administrator rights on their desktops, but we would like to validate this to satisfy some questions from some others 
(particularly internal audit folks).
As such, we were interested in gathering some more concrete data on this and have created a very short and simple (4 
question) survey to capture this
information.    We would very much appreciate your participation if you are able, and we will share the results for 
everyone via email (cleansing any
personal information you choose to enter prior to doing so of course).  If you would rather pass this on to 
colleagues involved in desktop administration and
support, that would also be most appreciated.

Here is a link to the survey:  http://depaul.qualtrics.com/SE/?SID=SV_6lNkqctZNQ5BZaI

Thank you so much for your help!

Regards,


Jeff Johnson
Infrastructure Support Manager,
Information Systems,
DePaul University




Joel Rosenblatt, Manager Network & Computer Security
Columbia Information Security Office (CISO)
Columbia University, 612 W 115th Street, NY, NY 10025 / 212 854 3033
http://www.columbia.edu/~joel
Public PGP key
http://pgp.mit.edu:11371/pks/lookup?op=get&search=0x90BD740BCC7326C3

Current thread:

Desktop Administrator Question Johnson, Jeff (Jan 31)
- Re: Desktop Administrator Question Steven Alexander (Jan 31)
- Re: Desktop Administrator Question Joel Rosenblatt (Jan 31)
  - Re: Desktop Administrator Question Lazarus, Carolann (Feb 01)
  - Re: Desktop Administrator Question Morrow Long (Feb 01)
- Re: Desktop Administrator Question Rich Graves (Feb 01)
  - Re: Desktop Administrator Question Steven Alexander (Feb 01)
- Re: Desktop Administrator Question Kevin Shalla (Feb 02)
  - Re: Desktop Administrator Question Johnson, Jeff (Feb 03)
- Re: Desktop Administrator Question Drews, Adam (Feb 02)
  - Re: Desktop Administrator Question Johnson, Jeff (Feb 03)
- Re: Desktop Administrator Question Johnson, Jeff (Feb 17)
- <Possible follow-ups>
- Re: Desktop Administrator Question Gramke, Jim (Feb 01)
  - Re: Desktop Administrator Question Steve Kuchta (Feb 01)