Solved

Applocker and security (again)

Posted on 2015-02-20
2
107 Views
Last Modified: 2015-03-17
I have searched through some threads on here regarding applocker without finding what I need. Apologies if this has been covered elsewhere.

I need to provide better security at a water plant. The plant has a Win 2012 DC server, Win7 and 8.1 workstations. They use std software (Office, ACAD) and SCADA software to control the pumps and monitor wells, tanks etc.

The preferred method to secure the computers is to use whitelisting  software, which appears to mean applocker is the way to go. I don't know how to do this. Most of the workstations have domain\users added to the local administrators group. I believe this may have to be un -done for applocker to work.  

Sooo. How do I set up applocker? I searched for applocker on the DC and came up with nothing.
0
Comment
Question by:hgj1357
2 Comments
 
LVL 79

Accepted Solution

by:
David Johnson, CD, MVP earned 250 total points
ID: 40622595
The clients version must be enterprise or higher to use applocker.
https://technet.microsoft.com/library/hh831440.aspx

NEVER NEVER have users run as admin's .. if they need admin privileges then have then use the runas options to run as an admin.
0
 
LVL 54

Assisted Solution

by:McKnife
McKnife earned 250 total points
ID: 40623208
" Most of the workstations have domain\users added to the local administrators group. I believe this may have to be un -done for applocker to work" - no, we can setup applocker so that it will rule admins, too. But local admins are a big risk anyway, so get rid of them if you can.
0

Featured Post

Use Case: Protecting a Hybrid Cloud Infrastructure

Microsoft Azure is rapidly becoming the norm in dynamic IT environments. This document describes the challenges that organizations face when protecting data in a hybrid cloud IT environment and presents a use case to demonstrate how Acronis Backup protects all data.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Many people tend to confuse the function of a virus with the one of adware, this misunderstanding of the basic of what each software is and how it operates causes users and organizations to take the wrong security measures that would protect them ag…
Security measures require Windows be logged in using Standard User login (not Administrator).  Yet, sometimes an application has to be run “As Administrator” from a Standard User login.  This paper describes how to create a shortcut icon to launch a…
In this video, we discuss why the need for additional vertical screen space has become more important in recent years, namely, due to the transition in the marketplace of 4x3 computer screens to 16x9 and 16x10 screens (so-called widescreen format). …
With the advent of Windows 10, Microsoft is pushing a Get Windows 10 icon into the notification area (system tray) of qualifying computers. There are many reasons for wanting to remove this icon. This two-part Experts Exchange video Micro Tutorial s…

770 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question