Once again I turn to this list for its collective wisdom.
The university was recently the target of an orchestrated attack
on desktop machines that took us quite a while to clean up. Add to that
the recent changes in MA laws regarding personal information and we are at a
point where we need to change the way we have done things. In the past,
we’ve allowed people to run as administrators on their own
machines. Mostly to facilitate software installs and program functionality.
We are now trying to change user’s accounts to regular accounts and not
have everyone run as administrators but surprisingly and I guess not
surprisingly we are getting push back from some of the upper staff here.
Does anyone have any documented best practices where they do not allow people
to run as administrators on their own machines? If not, what is everyone
doing as far as account privilege levels on staff machines. Do you run as
regular users or do you allow them to run as administrators?
Thanks!
Rick Heckbert
Library Systems Adminsitrator
Tisch Library
35 Professors Row
Tufts University
Medford, MA 02155