Roaming Profiles and Security Risks

  • Thread starter Thread starter Noloader
  • Start date Start date
N

Noloader

Hello,

I recently became a part of a large organization. The organization
does not use Roaming Profiles. I was told the reason is due to
security risks.

Can someone point out the associated security risks? I can't recall
any from my MCSE training (but its been a while).

Thanks,
Mike
 
Maybe you're approaching this backwards....what are the reasons *they*
believe it to be a security risk? I don't see any, myself. The default
security on the profile shares will allow only the user...and if you have a
good password policy in place, what's the worry?
 
I agree...Roaming profiles are very secure.. Even if you are logged in as
admin at the server they are stored on, it is a pain to get into. You have
to take ownership and even after that is done, some files are not accessable
due to the SYSTEM account. :)
 
Hi Lanwench,
what are the reasons *they* believe it to be a security risk
Click to expand...
No answer - I think its politics.

I even went through the latest copy of Hacking Exposed. I could not
find any mention of profiles factoring into the equation.

Mike
 
H Rich,

Hi Lanwench,
I agree...Roaming profiles are very secure..
Click to expand...
I concur with you and Lanwench.

I even went through the latest copy of Hacking Exposed. I could not
find any mention of profiles factoring into the equation.

Mike
 
Noloader said:
Hi Lanwench,

No answer - I think its politics.
Click to expand...

If you provide them with a list of the benefits of roaming profiles (even as
far as how it makes it a LOT easier to replace a failing/failed computer)
and they can't come up with a list of legit risks, push for it.
I even went through the latest copy of Hacking Exposed. I could not
find any mention of profiles factoring into the equation.

Mike

"Lanwench [MVP - Exchange]"
Maybe you're approaching this backwards....what are the reasons
*they* believe it to be a security risk? I don't see any, myself.
The default security on the profile shares will allow only the
user...and if you have a good password policy in place, what's the
worry?
Click to expand...
Click to expand...
 
Back
Top