Solved

Call Centre Lockdown

Posted on 2014-12-09
9
24 Views
Last Modified: 2016-07-18
For legal compliance I have to lockdown windows workstations, removing right click, cut and paste and restricting URL's etc. Is there some software that will make this easy?
0
Comment
Question by:Mark_Collinge
  • 4
  • 2
9 Comments
 
LVL 20

Accepted Solution

by:
netcmh earned 500 total points
ID: 40488835
I wish there was. This is an involved process. Your sysadmin, networkadmin, desktoptechnicians would all have to work to achieve this. If you're like me and are the only tech in the company, this falls squarely on your shoulders.

Start with a maintenance window to install EMET on all the workstations as a behavioural analysis and action tool. While you're at it, and AV with malware detection and sandboxing might be a good idea. Group policies to enforce the restrictions you have in mind will have to be developed and deployed. An appliance like the Fortigate or BlueCoat will help with the URL restrictions. There are other ways of doing this -dns redirection/rewriting etc. Then, writing accesslists to block malicious geo IPs and implementing it on the perimeter.

Too many parts to this. Too many things that can go wrong. So, a solid implementation plan is a MUST! Good luck.
0
 

Author Comment

by:Mark_Collinge
ID: 40489205
It shouldn't be too bad if I can launch IE into Kiosk mode pointing at the URL with the CRM at logon, and disable right mouse click, ctrl-alt-del and shift-tab.
0
 
LVL 20

Assisted Solution

by:netcmh
netcmh earned 500 total points
ID: 40489451
Disable Ctrl+alt+end and Alt+F4 as well, otherwise the kiosk mode is easily bypass-able. Please also read up on the iKat framework which is specifically designed for breaking kiosk modes.
0
Use Case: Protecting a Hybrid Cloud Infrastructure

Microsoft Azure is rapidly becoming the norm in dynamic IT environments. This document describes the challenges that organizations face when protecting data in a hybrid cloud IT environment and presents a use case to demonstrate how Acronis Backup protects all data.

 
LVL 54

Expert Comment

by:McKnife
ID: 40489987
To make this question kind of answerable, you should maybe add
->what OS (including edition) are we talking about?
->are those computers domain joined?
->what are you trying to prevent?
->what would still need to run?

Because so far we have only "removing right click, cut and paste and restricting URL's" which is vague and then there is the almighty "etc." which could be anything and nothing.
0
 

Author Comment

by:Mark_Collinge
ID: 40490004
In all fairness I asked if there was software available to lockdown a computer for PCI DSS compliance. The OS can be anything I decide it to be, domain or no domain, I did mention in a subsequent post that I needed access to a URL at login. But thanks anyway.
0
 
LVL 20

Expert Comment

by:netcmh
ID: 41717043
My suggestions (ID: 40488835,  ID: 40489451) state that while there is no software that can easily do the task, a good plan with remedial software could provide the same outcome.
0
 
LVL 20

Expert Comment

by:netcmh
ID: 41717296
Thank you.
0

Featured Post

Free Tool: Postgres Monitoring System

A PHP and Perl based system to collect and display usage statistics from PostgreSQL databases.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
New firewall implementation guidance 12 89
Risks of using Camtasia Studio 9 107
SOC, SIEM, IPS and FW 4 31
Just confused:  Router to Xfinity Tower? 9 33
How do we balance the user experience (UX) with reasonable security measures? It can be done, if you keep these fundamentals in mind.
The related questions "How do I recover the passwords for my Q-See DVR" and "How can I reset my Q-See DVR to eliminate a password" are seen several times a week.  Here we discuss the grim reality of the situation.
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, just open a new email message. In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, Just open a new email message.  In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…

840 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question