[Last Call] Learn about multicloud storage options and how to improve your company's cloud strategy. Register Now

x
?
Solved

Locking Down XP

Posted on 2004-10-19
5
Medium Priority
?
158 Views
Last Modified: 2013-12-04
I am updating a number of business PC's to XP Pro. This seems like a good time to increase security. I want to know if I can use group policy to prevent users (or hackers) from installing programs or visiting unapproved websites. These users only need to visit 4 or 5 business related sites, and I can install any needed programs with the "install as" option.   Thanks
0
Comment
Question by:mr_kev
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
5 Comments
 
LVL 18

Accepted Solution

by:
luv2smile earned 400 total points
ID: 12360946
The first step would be to not grant them admin rights....most programs require admin rights to install

There are software restriction policies that you can set up with group policy, but here's the thing: You either have to 1.  block all programs except ones that you specify or 2.  know the programs you wish to block.

http://support.microsoft.com/default.aspx?scid=kb;en-us;324036

1. is very hard to setup and is often full of problems, etc. and takes a long time to perfect.
0
 
LVL 16

Assisted Solution

by:kbbcnet
kbbcnet earned 400 total points
ID: 12440343
Make everyone other than you part of the "Users" group, not "Power User" or "Administrator" groups.  This way they can't install programs; however, this will not stop all installations, such as screensavers, wallpapers, spyware, etc.

The MS article referenced above is also a good starting point, however complex to implement.  

You may want to try a third party solution to assist you in this task such as "Deep Freeze" by Faronics.  See their webpage - http://www.faronics.com/.  This product will basically make an image of the PC's O/S then restore it everytime you reboot....no installation crap to worry about then; just reboot it.

There are a number of internet content filtering products out there for blocking access to various websites.  They typically include 'black lists' for bad sites and 'white lists' for approved sites.  Most of these programs allow you to specify 'custom' lists of webpages you want to deny access to.

Good luck!
0

Featured Post

Free Tool: Path Explorer

An intuitive utility to help find the CSS path to UI elements on a webpage. These paths are used frequently in a variety of front-end development and QA automation tasks.

One of a set of tools we're offering as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

As I write this article, I am finishing cleanup from the Qakbot virus variant found in the wild on April 18, 2011.  It was a messy beast that had varying levels of infection, speculated as being dependent on how long it resided on the infected syste…
Article by: btan
The intent is not to repeat what many has know about Ransomware but more to join its dots of what is it, who are the victims, why it exists, when and how we respond on infection. Lastly, sum up in a glance to share such information with more to help…
In this video you will find out how to export Office 365 mailboxes using the built in eDiscovery tool. Bear in mind that although this method might be useful in some cases, using PST files as Office 365 backup is troublesome in a long run (more on t…
In a question here at Experts Exchange (https://www.experts-exchange.com/questions/29062564/Adobe-acrobat-reader-DC.html), a member asked how to create a signature in Adobe Acrobat Reader DC (the free Reader product, not the paid, full Acrobat produ…
Suggested Courses

650 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question