[2 days left] What’s wrong with your cloud strategy? Learn why multicloud solutions matter with Nimble Storage.Register Now

x
?
Solved

IT Security Issues

Posted on 2013-05-13
6
Medium Priority
?
214 Views
Last Modified: 2013-05-29
I would like to know if anyone has ever had to try to secure a network in which the users were very poorly educated.  I'm not talking rhetorically but realistically.  

I manage the network for a medium-sized, privately-owned manufacturing company.  That company hires the cheapest employees they can for their manufacturing positions.  Most of those employees are poorly educated (6th - 8th grade) and most of them speak Spanish, Vietnamese, or one of several African dialects.  I am struggling for a way to effectively communicate network security when I can barely communicate with these employees.  Management supports my efforts to tighten security up to but not including making an example of an offending employee.  As a result, I do seemingly endless counseling sessions where I see a lot of bobbing heads and hear a lot of affirmatives (in various languages) but see just as many blank stares.

If you have experience with this type of situation I would like to hear your recommendations.  Insights such as "fire the offenders", while reasonable, is not workable in our environment.
0
Comment
Question by:gspearman
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 2
6 Comments
 
LVL 10

Accepted Solution

by:
ienaxxx earned 600 total points
ID: 39161730
Very strong GPOs (like disable all removable storage and CD/DVD) and restricted internet browsing is not enough?

With GPOs you can even disable the single entries in the start menus and have a pc act more like a thin client... If you start looking at GPOs to block softwares and settings and you have users as they should be: only users of their computers, there should be no security issues...

The initial administrative effort will be truly big, but once done things are going to adjust by a single reasonable request at time.

So a proxy (like MS TMG 2010) that blocks all internet sites except work ones and GPOs will do the trick, IMHO.

HTH.
Bye!
0
 
LVL 17

Assisted Solution

by:surbabu140977
surbabu140977 earned 900 total points
ID: 39163119
Networks are only as secure as their weakest point.

windows domain--> strict policy--> no user rights--> usb's/dvd's locked up from setup--->no exe/program execution rights--->no driver installation rights---> enforcing proxy---> a standard firewall....... should do well.

In short, just open up what they require. Rest is blocked.
0
 

Author Comment

by:gspearman
ID: 39164613
Gotcha on the GPOs.  What about leaving a PC unlocked?  Secure that with a screensaver timeout?
0
Are You Ready for GDPR?

With the GDPR deadline set for May 25, 2018, many organizations are ill-prepared due to uncertainty about the criteria for compliance. According to a recent WatchGuard survey, a staggering 37% of respondents don't even know if their organization needs to comply with GDPR. Do you?

 
LVL 17

Assisted Solution

by:surbabu140977
surbabu140977 earned 900 total points
ID: 39164661
Window's group policy will take care of locking. It can get locked after a predefined time of inactivity and users will not be able to control/change that.

If you configure group policies right,  it will let the user see and do what you want them to see and do.

Best,
0
 

Author Comment

by:gspearman
ID: 39164864
Any thoughts on the language barriers?  I've thought of having IT policies translated into the different dialects but the end users might not understand them, I couldn't translate them verbally, and HR wouldn't enforce them.
0
 
LVL 17

Expert Comment

by:surbabu140977
ID: 39165793
No idea about that. It's a kind of dead end considering the literacy of the users........
0

Featured Post

2017 Webroot Threat Report

MSPs: Get the facts you need to protect your clients.
The 2017 Webroot Threat Report provides a uniquely insightful global view into the analysis and discoveries made by the Webroot® Threat Intelligence Platform to provide insights on key trends and risks as seen by our users.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Read about achieving the basic levels of HRIS security in the workplace.
Compliance and data security require steps be taken to prevent unauthorized users from copying data.  Here's one method to prevent data theft via USB drives (and writable optical media).
If you're a developer or IT admin, you’re probably tasked with managing multiple websites, servers, applications, and levels of security on a daily basis. While this can be extremely time consuming, it can also be frustrating when systems aren't wor…
We’ve all felt that sense of false security before—locking down external access to a database or component and feeling like we’ve done all we need to do to secure company data. But that feeling is fleeting. Attacks these days can happen in many w…

656 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question