At our public library we do NOT give
any staff administrative access. Our justification is that IT is responsible
for ensuring that the library is in compliance with software licenses and we
are responsible for protecting the PCs, servers, and network from malware. Occasionally
people complain, but with all of the malware out there, everyone seems to
understand the necessity for this.
I imagine that the politics in a
university will be far more problematic than in a public library. Good luck – I
think you’ll need it.
Donna Schumann
Computer Services Department
Timberland Regional Library
415 Tumwater Blvd. SW
Tumwater, WA 98501
360-704-4542
From: Library NT
[mailto:[log in to unmask]] On Behalf Of Heckbert Jr, Richard W.
Sent: Thursday, June 10, 2010 11:48 AM
To: [log in to unmask]
Subject: [LIBNT-L] Staff desktop account security
Once again I turn to this list for its collective wisdom.
The university was recently the target of an orchestrated
attack on desktop machines that took us quite a while to clean up. Add to
that the recent changes in MA laws regarding personal information and we are at
a point where we need to change the way we have done things. In the past,
we’ve allowed people to run as administrators on their own machines.
Mostly to facilitate software installs and program functionality. We are
now trying to change user’s accounts to regular accounts and not have everyone
run as administrators but surprisingly and I guess not surprisingly we are
getting push back from some of the upper staff here. Does anyone have any
documented best practices where they do not allow people to run as
administrators on their own machines? If not, what is everyone doing as
far as account privilege levels on staff machines. Do you run as regular
users or do you allow them to run as administrators?
Thanks!
Rick Heckbert
Library Systems Adminsitrator
Tisch Library
35 Professors Row
Tufts University
Medford, MA 02155