Setting a good example by avoiding ‘Administrator’
25 Jun 2004[Dana Epp’s ramblings at the Sanctuary : Microsoft, Youâre not setting a very good example. I am disappointed.][2]
I’ll admit my guilt. I run win2k on one machine on my home network and for the most part haven’t yet been bothered to setup any additional users and do th
ings the right way. The machine is behind a firewall and as up to date as possible on security fixes, so I’d like to consider it fairly safe. If I
were running XP things would be different because I easily logout without losing my session.
On the flip side, I work in Linux and that’s where I’m most experienced from an administrators point of view. It pains me when I come across a workstation
where a user has left their machine unattended and:
1) Unlocked
2) Email opened
3) root consoles open
… etc
Personal Experience
While I was still in University (a few months ago), I’d see (computer science) students in the labs that would often leave themselves logged in to a system
for extended periods of time while they left the room.
Security is important, academic integrity is important. People need to start taking appropriate mechanisms to pre-empt these security breaches. Using the
university example, it’s not a stretch of the imagination to believe that students had easy access their classmates projects. This access amounted to acad
emic fraud and, if not taken care of, could potentially have an impact on the value of my degree.
I like Aaron Margosis‘s take on this, but I would take it a small step fu
rther. If you come across and unattended PC logged in as admin, first lock the screen (and then tell them they’re setting a bad example). Half the time p
eople don’t realize the consequences of their actions, or inaction in this case….
Repeat after me..
Security….
Security….
Security….
[2]: http://silverstr.ufies.org/b
log/archives/000640.html "Dana Epp's ramblings at the Sanctuary : Microsoft, Youâre not setting a very good example. I am disappointed."