Call Centre Lockdown

Posted on 2014-12-09
Medium Priority
Last Modified: 2016-07-18
For legal compliance I have to lockdown windows workstations, removing right click, cut and paste and restricting URL's etc. Is there some software that will make this easy?
Question by:Mark_Collinge
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 2
LVL 21

Accepted Solution

netcmh earned 2000 total points
ID: 40488835
I wish there was. This is an involved process. Your sysadmin, networkadmin, desktoptechnicians would all have to work to achieve this. If you're like me and are the only tech in the company, this falls squarely on your shoulders.

Start with a maintenance window to install EMET on all the workstations as a behavioural analysis and action tool. While you're at it, and AV with malware detection and sandboxing might be a good idea. Group policies to enforce the restrictions you have in mind will have to be developed and deployed. An appliance like the Fortigate or BlueCoat will help with the URL restrictions. There are other ways of doing this -dns redirection/rewriting etc. Then, writing accesslists to block malicious geo IPs and implementing it on the perimeter.

Too many parts to this. Too many things that can go wrong. So, a solid implementation plan is a MUST! Good luck.

Author Comment

ID: 40489205
It shouldn't be too bad if I can launch IE into Kiosk mode pointing at the URL with the CRM at logon, and disable right mouse click, ctrl-alt-del and shift-tab.
LVL 21

Assisted Solution

netcmh earned 2000 total points
ID: 40489451
Disable Ctrl+alt+end and Alt+F4 as well, otherwise the kiosk mode is easily bypass-able. Please also read up on the iKat framework which is specifically designed for breaking kiosk modes.
WatchGuard's M Series Appliances - Miecom Approved

WatchGuard's newest M series appliances were put to the test by Miercom.  We had great results and outperformed all of our competitors in both stateless and stateful traffic throghput scenarios! Ready to see how your UTM appliance stacked up? Download the Miercom Report!

LVL 56

Expert Comment

ID: 40489987
To make this question kind of answerable, you should maybe add
->what OS (including edition) are we talking about?
->are those computers domain joined?
->what are you trying to prevent?
->what would still need to run?

Because so far we have only "removing right click, cut and paste and restricting URL's" which is vague and then there is the almighty "etc." which could be anything and nothing.

Author Comment

ID: 40490004
In all fairness I asked if there was software available to lockdown a computer for PCI DSS compliance. The OS can be anything I decide it to be, domain or no domain, I did mention in a subsequent post that I needed access to a URL at login. But thanks anyway.
LVL 21

Expert Comment

ID: 41717043
My suggestions (ID: 40488835,  ID: 40489451) state that while there is no software that can easily do the task, a good plan with remedial software could provide the same outcome.
LVL 21

Expert Comment

ID: 41717296
Thank you.

Featured Post

Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article is written by John Gates, CISSP. Gates, the SNUG President-Elect, currently holds the position of Manager of Information Systems at Lake Park High School in Roselle, Illinois.
The well known Cerber ransomware continues to spread this summer through spear phishing email campaigns targeting enterprises. Learn how it easily bypasses traditional defenses - and what you can do to protect your data.
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, just open a new email message. In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…
Email security requires an ever evolving service that stays up to date with counter-evolving threats. The Email Laundry perform Research and Development to ensure their email security service evolves faster than cyber criminals. We apply our Threat…
Suggested Courses
Course of the Month10 days, 14 hours left to enroll

770 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question