Policy guidelines?

  • Thread starter Thread starter Todd Sowter
  • Start date Start date
T

Todd Sowter

Our company has so far been reasonably relaxed about user desktop policy but
we now have a directive to tighten down and have a break/tamper proof
desktop environment. In my experience this only causes headaches unless
thoroughly tested. Unfortunately our company is very diverse in it's
business operations... ie not a simple call centre and sales unit. This only
makes things worse.

Before I head down the path, I wondered if someone has a comprehensive (or
less) guide of the pro's and cons of each standard MS policy or a lessons
learned type of approach. An online forum might also be helpful.

I've had a look through the NSA guides but something from a real life
experience of an admin would be more appropriate.

Dave.
 
-----Original Message-----
Our company has so far been reasonably relaxed about user desktop policy but
we now have a directive to tighten down and have a break/tamper proof
desktop environment. In my experience this only causes headaches unless
thoroughly tested. Unfortunately our company is very diverse in it's
business operations... ie not a simple call centre and sales unit. This only
makes things worse.

Before I head down the path, I wondered if someone has a comprehensive (or
less) guide of the pro's and cons of each standard MS policy or a lessons
learned type of approach. An online forum might also be helpful.

I've had a look through the NSA guides but something from a real life
experience of an admin would be more appropriate.

Dave.


.
Click to expand...
Dave,

This is quite an undertaking! I am not so sure that any
one of us would be able to go through each and every
possible policy as there are hundreds ( I am not sure
exactly how many there are: This has me thinking - I will
take a look and do a manual count the next chance that I
get! ).

I think that what might help us to help you ( sorry! ) is
to give us just a bit more detail about your environment.
As you described it I can only imagine what might be mixed
in there.

Here are a few questions for you:

Are we talking about 1000s of users or "simply" 100 users?
Do you have all MS Windows computers?
Do you have any legacy clients ( WIN9x/WINNT )?
Do you have multiple Sites - or just the one?
Do you have a lot of laptops?
Do you make use of Roaming Profiles?
Do you have multiple domains?

Also, what is it that you would like to lockdown? TO me
locking down a desktop might be faaaar toooo stringent for
you but not nearly enough for someone else, or vice versa.

And please forgive me if I am wrong but I sure do hopethat
this is not a homework assignment ( meaning, not a real
production environment requirement )...

Please let us know...

Cary
 
Back
Top