Security Compliance Software

Discussion in 'Computer Security' started by Chuckles, Feb 23, 2004.

  1. Chuckles

    Chuckles Guest

    I work in a small organization. I have a group of users, about 20, that
    have Administrative access to their laptops. I don't like this idea and
    know they are ignoring the security policies we have in place. Because
    these laptops are not on our network, I can't see to it that they are
    complying other than the occasional oops where they forgot to turn
    Autolog back on and such. Does anyone know of a software solution that
    can at least monitor this? Something that can't be turned off without a
    password? Something that logs when things like, the firewall is turned
    off, or when the Autolog is turned on?
     
    Chuckles, Feb 23, 2004
    #1
    1. Advertisements

  2. Chuckles

    johns Guest

    If you don't have authority in your company to set up
    those laptops and gpedit the policies, then nothing
    can stop them. If you set yourself as administrator,
    and don't give out the passwd .. and set your users
    as power users, then you can limit browsing to allowed
    sites, install f-secure and f-secure firewall, block
    changing desktops at all levels, turn off the start menu
    ..... there's a world of things you can do to keep these
    machines from being misused. One of the best would
    be to split the hdrive and use an imaging program
    like Powerquest. Then, the slightest problem, and
    you just log in as admin and reimage the thing. Plus
    you can also "ghost" 20 hard drives fairly quick.
    Without locking them out of the admin account, you
    are totally helpless.

    johns
     
    johns, Feb 23, 2004
    #2
    1. Advertisements

  3. Chuckles

    Chuckles Guest

    Thats what I am hoping will come of this. I want software to get the
    proof.
     
    Chuckles, Feb 23, 2004
    #3
  4. Chuckles

    Rowdy Yates Guest

    you have to let the users know what you want and are planning to do ahead
    of time. if you are concered about uncomfortable situations, then explain
    your reasons to the supervisor and approach the users with supervisor
    approval or with the supervisor present if possible.

    speaking from personla experience, you have to be very diplomatic and
    professional when doing these things because this can blow out of
    proportion and people tend to get extremely pissed off about it. this is
    expecially true of technically advanced users who, in their own minds, are
    more than capable of supporting themselves and their computer needs.

    the fact that the situation is as it is at present is because you are not
    capable of enforcing your own companies security policies. this has no
    reflection on you or your work. it has more to do with the quality of
    management in your workplace, a little bit to do with corporate culture and
    also how much does your company really care about its own security
    policies.

    the bottom line. you are dealing with people who have thougths, feelings,
    opionions and emotions, just like you do. some security policies can be
    easily mis-construed by users as invasion of privacy or impeading on their
    rights. use common sense. put yourself in their shoes. look at it from
    their perspective. and most importantly, be professional about it.
     
    Rowdy Yates, Feb 24, 2004
    #4
    1. Advertisements

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.