Applocker and security (again)

I have searched through some threads on here regarding applocker without finding what I need. Apologies if this has been covered elsewhere.

I need to provide better security at a water plant. The plant has a Win 2012 DC server, Win7 and 8.1 workstations. They use std software (Office, ACAD) and SCADA software to control the pumps and monitor wells, tanks etc.

The preferred method to secure the computers is to use whitelisting  software, which appears to mean applocker is the way to go. I don't know how to do this. Most of the workstations have domain\users added to the local administrators group. I believe this may have to be un -done for applocker to work.  

Sooo. How do I set up applocker? I searched for applocker on the DC and came up with nothing.
LVL 2
hgj1357Asked:
Who is Participating?

[Webinar] Streamline your web hosting managementRegister Today

x
 
David Johnson, CD, MVPConnect With a Mentor OwnerCommented:
The clients version must be enterprise or higher to use applocker.
https://technet.microsoft.com/library/hh831440.aspx

NEVER NEVER have users run as admin's .. if they need admin privileges then have then use the runas options to run as an admin.
0
 
McKnifeConnect With a Mentor Commented:
" Most of the workstations have domain\users added to the local administrators group. I believe this may have to be un -done for applocker to work" - no, we can setup applocker so that it will rule admins, too. But local admins are a big risk anyway, so get rid of them if you can.
0
All Courses

From novice to tech pro — start learning today.