Windows Security Guidence

[Oasisfactor]

Greetings, I'm not sure where to ask this question, so if this is the wrong forum then please move it.

I started volunteering at a community center that teaches people the basics of computers. They use Windows 7 and Secure login (CTRL+ALT+DEL). They also printed and pasted the passwords to the machines on the case itself. I don't work there, but they thing is, this is bad security practice. I know they did this for convenience. I haven't used the machines yet, but I'm assuming they gave the users administrator accounts.

These computers can be used by ANYONE, meaning anyone can walk in plug a USB drive in, or download whatever they want, and run it in admin mode.

I'm thinking about talking to the manager about this, What is the best password practice when it comes to a public lab? Should I also recommend not using Admin accounts for standard users?

 

[ThrashZone]

Hi and welcome to SevenForums,
Not sure about crtl+alt+delete deal but I'd ask for more details and I would imagine the accounts are not admin but this would be my first inquiry

Either way they might take care of some sure in the network firewall
And as people come and go they may maintain them other ways seeing as the passwords are printed on them
They might not even be connected to the internet ?
Cheers.

 

[Oasisfactor]

They are connected to the internet. I have to teach people using these same computers how to create e-mail accounts, type documents, and use social media.

 

[Alejandro85]

What are the exact things you want to protect against?
Preventing them messing with computers? Disallow everything but web browsing? Keeping privacy of the data stored there?
Which raises the questions, what activities do them need to support, how the admins will use them, and what data the users and the owners will store there, if any?

 

[Oasisfactor]

Don't like the idea of just anyone having admin accounts.



I'm teaching them how to use social media, and the basics of word, excel, etc... I might teach them how to use a password database such as KeePass, and how to store files on a USB. Under no circumstances will I allow them to store files on the computers.

 

[ThrashZone]

Hi,
Saving files directly to flash drives can spread infections pretty easily what is your goal to infect other machines via plug and play ?

You need to save in the default areas = Downloads folder then scan with multiple utilities antivirus/ Malware would be the best two right there before transferring to flash media device
Otherwise you teach them the easiest way to carry portable corruption to other machines.
Cheers.

I'll add on any machine turn autoplay Off,
Once a flash drive is connected scan it immediately with the other systems security a-v and malware utilities.

 

[Oasisfactor]

Hi,
Saving files directly to flash drives can spread infections pretty easily what is your goal to infect other machines via plug and play ?

You need to save in the default areas = Downloads folder then scan with multiple utilities antivirus/ Malware would be the best two right there before transferring to flash media device
Otherwise you teach them the easiest way to carry portable corruption to other machines.
Cheers.

I'll add on any machine turn autoplay Off,
Once a flash drive is connected scan it immediately with the other systems security a-v and malware utilities.

The issue is, showing them to scan might be too difficult, these people never seen a computer before, or rarely used one.

Do I need to worry about scanning if it's just saving files that they created ex. doc, xls .....?

 

[ThrashZone]

Hi,
Well safety and security is item one to learn about since these people can download anything and plug anything in and go.

Which in it's self is not a good idea or environment to plug in anything or create anything to take to another computer that might have more infections than the first

Then you can get into where everything is located programs..... and how to "save as" in doc formats picture formats... and of course where to save items so they can easily find them = making folders.....
Then be able to search and find those folders using save as = browse function.

Either way with an open admin rights users place like that you'd have to know how often these machines are wiped clean and what security suite they have installed = Norton/ ...... because you'd have to scan them every time someone logged in or the previous was logging out :/