Solved

IT Security Issues

Posted on 2013-05-13
6
191 Views
Last Modified: 2013-05-29
I would like to know if anyone has ever had to try to secure a network in which the users were very poorly educated.  I'm not talking rhetorically but realistically.  

I manage the network for a medium-sized, privately-owned manufacturing company.  That company hires the cheapest employees they can for their manufacturing positions.  Most of those employees are poorly educated (6th - 8th grade) and most of them speak Spanish, Vietnamese, or one of several African dialects.  I am struggling for a way to effectively communicate network security when I can barely communicate with these employees.  Management supports my efforts to tighten security up to but not including making an example of an offending employee.  As a result, I do seemingly endless counseling sessions where I see a lot of bobbing heads and hear a lot of affirmatives (in various languages) but see just as many blank stares.

If you have experience with this type of situation I would like to hear your recommendations.  Insights such as "fire the offenders", while reasonable, is not workable in our environment.
0
Comment
Question by:gspearman
  • 3
  • 2
6 Comments
 
LVL 10

Accepted Solution

by:
ienaxxx earned 200 total points
Comment Utility
Very strong GPOs (like disable all removable storage and CD/DVD) and restricted internet browsing is not enough?

With GPOs you can even disable the single entries in the start menus and have a pc act more like a thin client... If you start looking at GPOs to block softwares and settings and you have users as they should be: only users of their computers, there should be no security issues...

The initial administrative effort will be truly big, but once done things are going to adjust by a single reasonable request at time.

So a proxy (like MS TMG 2010) that blocks all internet sites except work ones and GPOs will do the trick, IMHO.

HTH.
Bye!
0
 
LVL 17

Assisted Solution

by:surbabu140977
surbabu140977 earned 300 total points
Comment Utility
Networks are only as secure as their weakest point.

windows domain--> strict policy--> no user rights--> usb's/dvd's locked up from setup--->no exe/program execution rights--->no driver installation rights---> enforcing proxy---> a standard firewall....... should do well.

In short, just open up what they require. Rest is blocked.
0
 

Author Comment

by:gspearman
Comment Utility
Gotcha on the GPOs.  What about leaving a PC unlocked?  Secure that with a screensaver timeout?
0
PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

 
LVL 17

Assisted Solution

by:surbabu140977
surbabu140977 earned 300 total points
Comment Utility
Window's group policy will take care of locking. It can get locked after a predefined time of inactivity and users will not be able to control/change that.

If you configure group policies right,  it will let the user see and do what you want them to see and do.

Best,
0
 

Author Comment

by:gspearman
Comment Utility
Any thoughts on the language barriers?  I've thought of having IT policies translated into the different dialects but the end users might not understand them, I couldn't translate them verbally, and HR wouldn't enforce them.
0
 
LVL 17

Expert Comment

by:surbabu140977
Comment Utility
No idea about that. It's a kind of dead end considering the literacy of the users........
0

Featured Post

Complete VMware vSphere® ESX(i) & Hyper-V Backup

Capture your entire system, including the host, with patented disk imaging integrated with VMware VADP / Microsoft VSS and RCT. RTOs is as low as 15 seconds with Acronis Active Restore™. You can enjoy unlimited P2V/V2V migrations from any source (even from a different hypervisor)

Join & Write a Comment

Most computer users do not realize how important their passwords are. Here’s the straight scoop on why you need a good password and how to create super strong passwords that are easy to remember and hard to crack. Thieves Are Trying to Steal Yo…
BIND is the most widely used Name Server. A Name Server is the one that translates a site name to it's IP address. There is a new bug in BIND (https://kb.isc.org/article/AA-01272), affecting all versions of BIND 9 from BIND 9.1.0 (inclusive) thro…
Illustrator's Shape Builder tool will let you combine shapes visually and interactively. This video shows the Mac version, but the tool works the same way in Windows. To follow along with this video, you can draw your own shapes or download the file…
In this tutorial you'll learn about bandwidth monitoring with flows and packet sniffing with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're interested in additional methods for monitoring bandwidt…

772 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

11 Experts available now in Live!

Get 1:1 Help Now