Solved

Why is allowing users to change/add wallpaper to their desktops a security issue.

Posted on 2008-06-26
11
194 Views
Last Modified: 2013-12-04
We are trying to apply standard desktops throughout our organization. However we ran into issues when we removed the users abliity to add/change the wallpaper on the desktops. People are not happy with this change, and my Manager cannot understand why we removed users ability to change their desktops. We need to show him proof that allowing users access to change their desktops is a securty risk.
Looking for a document that explains security issues involved with access to the desktop in simple easy to understand language ie non technical.
0
Comment
Question by:larrybac
11 Comments
 
LVL 4

Assisted Solution

by:dude02
dude02 earned 20 total points
ID: 21875838
The biggest thing that comes to mine is a virus, spyware, and/or adware.  Any one or more of these problematic issues can be attaching to a picture image.  I have seen my fare cases of when users go on the web and select a picture that they think would make a great background images causes them more problems than they ever image.  Then they call us and wonder why their computer is running so slow to find that they have adware all over their system registry.  
0
 

Author Comment

by:larrybac
ID: 21875888
Yes we agree and understand these issues. We are trying to show "proof" to our Management. We as IT professionals Understand the risks, but providing evidence to the managers is another matter.
0
 
LVL 23

Assisted Solution

by:Danny Child
Danny Child earned 20 total points
ID: 21876064
It can also be justified in applying a uniform Look and Feel across an office - so when visitors are there, it is obvious that a defined pc setup is in place.  

It also avoids more temptation where users prank each other by changing their wallpaper.  The next thing users will ask for is custom screensavers, mouse pointers, and other downloadable junk.  

Why don't you take a standard, clean, NON-secured pc, and hook it up to the internet.  Run a scan on it for nasties, and store the results.  Invite your 5 favourite users of wallpaper to browse around for an hour or two, looking for wallpaper, etc, that they'd like to download and use.  When they're all done, run the same scan again, and then you'll see all the malware, of course.  Show the results to your boss.

It's more a question of what is the business **benefit** of allowing this - all the time users are tweaking their pcs, they're not working, and they're generating trouble for later.  

hth, Danny
0
 

Author Comment

by:larrybac
ID: 21876870
You can see my issue. We already have problems with people loading photos of the family and whatever, and personal screensavers, and the adware infections, and the viruses. But we cannot convience management that this is an issue. What we need is some resource that points out these risks to prove what we are trying to do with locking down the desktops.
0
 
LVL 6

Assisted Solution

by:hyphenpipe
hyphenpipe earned 20 total points
ID: 21876961
You could always just allow it, and when the crap hits the fan tell them 'I told you so' and then demand a raise.
0
PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

 

Author Comment

by:larrybac
ID: 21878017
I guess what we need is a consensus from the professional IT community to demonstrate the importance for the standard desktop. Looks like we need to hire a consultant....
0
 
LVL 50

Assisted Solution

by:jcimarron
jcimarron earned 45 total points
ID: 21879167
0
 
LVL 31

Assisted Solution

by:James Murrell
James Murrell earned 20 total points
ID: 21883507
could you just say "An improperly configured machine can be an invitation for disaster." we did and the board signed off on desktop wallpapers
0
 
LVL 50

Accepted Solution

by:
jcimarron earned 45 total points
ID: 22098898
In the original post, larrybac asked "We need to show him proof that allowing users access to change their desktops is a securty risk.
Looking for a document that explains security issues involved with access to the desktop in simple easy to understand language ie non technical."
There were several good comments, but certainly the reference http://tech.yahoo.com/blogs/raskin/1515 
should satisfy the requested requirement.
0
 
LVL 27

Expert Comment

by:Tolomir
ID: 22098913
Well I see a big difference between a wallpaper and a screensaver.

Thus the link from yahoo didn't and doesn't convince me that changing wallpapers is bad.  

Tolomir
0

Featured Post

New My Cloud Pro Series - organize everything!

With space to keep virtually everything, the My Cloud Pro Series offers your team the network storage to edit, save and share production files from anywhere with an internet connection. Compatible with both Mac and PC, you're able to protect your content regardless of OS.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

In a recent article here at Experts Exchange (http://www.experts-exchange.com/articles/18880/PaperPort-14-in-Windows-10-A-First-Look.html), I discussed my nine-month sandbox testing of the Windows 10 Technical Preview, specifically with respect to r…
Restoring deleted objects in Active Directory has been a standard feature in Active Directory for many years, yet some admins may not know what is available.
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, just open a new email message. In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…
Internet Business Fax to Email Made Easy - With  eFax Corporate (http://www.enterprise.efax.com), you'll receive a dedicated online fax number, which is used the same way as a typical analog fax number. You'll receive secure faxes in your email, f…

896 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

18 Experts available now in Live!

Get 1:1 Help Now