On occasion, I get asked or hear someone complain about how we have our computers restricted. Someone will ask why they can’t install whatever program they want or ask why other counties let their users do whatever or install what they want on their computers. Before I go into that I want to tell you how things were when I came to this county. We barely had 2000 computers when I transferred here and things were a mess. I spent a good deal of my time running around trying to fix computer after computer that had been infected with viruses, trojans, and rootkits.
I decided to make a change and discussed the issues we were having and my plan to remedy them with the Director of Technology and the County Superintendent. The green light was given so I redesigned our networks and computer systems and reloaded every computer in the county. Yes, it was a big job but it has paid off in the long run. The way we are set up now it is extremely difficult for our machines to be infected. I haven’t had to clean a machine of viruses in years.
We protect our users by not allowing anyone to have administrator rights on our machines. We only allow programs to be installed that have been approved and added to our Software Center. We restrict what programs can run to those that are already installed or those listed on our Software Center. We enforce antivirus policies and keep our machines current with Windows updates.
We now have around 11,000 computers which are quite a few more than when I started here. If those machines weren’t controlled it could be chaos. If stopping viruses and rootkits wasn’t a good enough reason below are some examples of what we protect our system from and why we don’t allow users to just do what they want.
Click on the links below and they will open in another window.