In: Root » Computers and technology » Software
Lockdown, in the desktop management context, means that you've managed to apply the straps to your users in such a way that they can't hurt themselves—or your network. In the best case, this is done in such a way that the users don't feel constricted or stifled. Having a heart-to-heart with management about the level of lockdown can be only a good thing. Users get extremely irrational about losing any amount of autonomy, and you will definitely want management to buy into any lockdown that you need to enact. It should be pointed out that desktop management—any desktop management—that resides on a local workstation can be bypassed by a clever user unless there is serious physical security in place (no floppies, an "unpickable" case lock, and so forth). This, of course, is the type of security that you must have if you have public information terminals, kiosks, and so on. The point is that any workstation that isn't physically secured can usually be booted from alternative media, and then the local OS can be modified to a malicious user's heart's content. Still, desktop management and lockdown for nonpublic users are important due-diligence measures, and definitely should not be skipped. The important thing here is to prevent either well-meaning or scofflaw users from hurting themselves and others. Defeating a truly noncasual and malicious user isn't the primary purpose of desktop management. Virus protection, of course, is a mandatory component to desktop management. Virus protection is (or should be) such second nature to today's IT staff that we mention it here simply to ask one question: Can the user turn off virus protection? Some virus protection suites let the user do this; others password-protect the entire control panel. You should certainly password-protect the control panel if possible, but you should also enact desktop management policies that check and reinstall virus protection if the workstation's otherwise permissive operating system allows its removal. Good desktop management tools enable you to not only "force" certain applications, but they can also · Force applications to be configured in a certain way (notably browsers) · Restrict users from running anything but a certain set of applications · Restrict use of removable media · Prevent users from modifying system configuration
|
|||||||||||||
Disclaimer
1) E-articles is not responsible for the information contained by this article as well for any and all copyright infringements by authors and writers. E-articles is a free information resource. If you suspect this article for any copyright infringement, please read the terms of service and contact us or use the "Report this article" button on this page to investigate the problem.
2) E-articles is not responsible for inaccuracies, falsehoods, or any other types of misinformation this article may contain and will not be liable for any loss or damage suffered by a user through the user's reliance on the information gained here. |
|||||||||||||
