RE: Windows local admin in a .edu environment.
- From: "Dan Lynch" <DLynch@xxxxxxxxxxxxx>
- Date: Wed, 30 Jan 2008 08:09:53 -0800
Locally, two high school students gained or were given access to a
teacher's laptop. Using the teacher's already logged in local admin
credentials, they installed a keystroke logger, captured passwords for
the grading system, and changed their semester grades.
http://www.theunion.com/article/20050310/NEWS/103100069
If the system can't be physically secured against an environment full of
mischievous kids, additional security is justified. Start with
appropriate policy, but don't rely on it.
Dan Lynch, CISSP
Information Technology Analyst
County of Placer
-----Original Message-----
From: listbounce@xxxxxxxxxxxxxxxxx [mailto:listbounce@xxxxxxxxxxxxxxxxx]
On Behalf Of Paul Halliday
Sent: Tuesday, January 29, 2008 4:31 PM
To: Security Basics Forum
Subject: Windows local admin in a .edu environment.
I am looking for insight (pros and cons) on the issue of granting
local admin rights to faculty and staff in a .edu setting. Let's
assume that the staff and faculty have direct access to core
administrative systems and portals like Sharepoint and Peoplesoft.
I have never thought of this argument as subjective (am I just being
anal?) but apparently I was wrong. I would love to hear the general
consensus on this issue. I am especially interested in what others in
.edu are doing.
Thanks.
- References:
- Windows local admin in a .edu environment.
- From: Paul Halliday
- Windows local admin in a .edu environment.
- Prev by Date: RE: Law Enforcement Foresics Tools
- Next by Date: RE: Remote Branch reconfiguration
- Previous by thread: Windows local admin in a .edu environment.
- Next by thread: Law Enforcement Foresics Tools
- Index(es):
Relevant Pages
|
|
