RE: Question: How To Secure a Public Access Workstation

From: Colin Stefani (cstefani@tideworks.com)
Date: 04/25/02 

From: Colin Stefani <cstefani@tideworks.com>
To: "'Information Security'" <InformationSecurity@federatedinv.com>, focus-ms@securityfocus.com
Date: Thu, 25 Apr 2002 08:43:47 -0700

Group Policy.

If you're in a Win2k domain using AD, GPO's can be a very powerful way to
create machines which are highly configured to your needs. You can put them
in an OU for easy management and make changes without having to touch the
machines themselves, plus once a new machine comes on line, you just move it
to the OU where the GPO is applied and voila, ready for pulic use. Check
this book out, it will tell you all you need to know:

Windows 2000: Group Policy, Profiles, and IntelliMirror (The Mark Minasi
Windows 2000 Series) by Jeremy Moskowitz.
(http://www.amazon.com/exec/obidos/ASIN/0782128815/)

Cheers,

colin

-----Original Message-----
From: Information Security [mailto:InformationSecurity@federatedinv.com]
Sent: Monday, April 22, 2002 8:32 AM
To: focus-ms@securityfocus.com
Subject: Question: How To Secure a Public Access Workstation

Can anyone point me to reference materials on how to secure Windows NT /
2000 / XP Pro workstations for use at a publicly accessible location?

I'm looking for ideas on how to secure normal corporate workstations that
need limited access to a few corporate apps, but are on the fringe of our
physical perimiter. Places like receptionist areas, attended customer
service booths, etc.

I've found a few references to get started with, the best one seems to be
at:
http://www.psynch.com/docs/instguide/node121.html. However, this article
from Microsoft http://www.microsoft.com/office/ork/2000/journ/KioskMode.htm
points to one of many other details that should be considered. I'm hoping
someone has compiled a list of suggestions, and any additional help or
experiences would be appreciated.

Thanks.

Relevant Pages