February 21st, 2008 06:23 PM
Blocking cracked software
I have approximately 75 employees all on Windows XPsp2 in an Active Directory domain environment. These employees don't seem to grasp the concept of why cracked software doesn't belong in the workplace. So I figured like any good solution I will just throw money at it. Can anyone recommend some good software that can monitor applications installed on the end users machine and or possibly block cracked software? Also if anyone has any other good ideas on how to solve this issue I will except that too. Thanks.
February 21st, 2008 07:40 PM
break thier fingers...(joking)
Remove them from the local administrator group...they wont be able to install software.
Write an Acceptable Use Policy...and threaten dismissal if violated
Use group policy to lock down the machines
"There are to technical solutions to adminstrative problems"
How people treat you is their karma- how you react is yours-Wayne Dyer
February 21st, 2008 07:41 PM
A simple solution may be to lower the employees rights so the they can't install software.
February 21st, 2008 07:46 PM
I cant think of anything but I like DjM's idea :-)
February 22nd, 2008 01:25 PM
MLF has the only correct solution
Preventing them from installing anything is the way to go.
This will also protect your users (to an extend) against malware.
Experience is something you don't get until just after you need it.
February 23rd, 2008 05:44 PM
These are great solutions to the problem and if you are looking for software i use SIW http://www.gtopala.com/ this will show what software is running on the computers. But like they said it before, permissions and user restrictions are your best solution. With the right group policies you can knock this out in no time.
February 25th, 2008 08:55 AM
Also, lock all floppy, CD and USB drives. Prevent downloading of files from Internet completely, only allow necessary attachments in emails and block all mails greater than a certain size.
February 25th, 2008 01:01 PM
stop access to 'run' command
deny ALL attachments in outlook, you can always grab some from filter if really required
it is best to set a 'deny all' policy, then to fine tune it to allow certain 'trusted' senders
rather than an 'allow all' where YOU have to check everything
use of group policy is THE way to go
set it onto the PC's too
set up a bunch of groups, with each having certain permissions set, drop users and their PC into the required group
it is easiest to do it from a group level, as micro managing everything is impossible once you get above just a dozen persons
even the military recognise this
each level up / rank, has 'power' over those lower, and those immediately lower number around a dozen
general talks to his colonels
colonels talk to their captains
captains talk to their sergeants
sergeants talk to their infantry troop
you get the picture
generals do not need to talk to troops
hell, even jesus could only man manage a dozen disciples
and definately get an AUP up abd running
to be signed by all
and to be adhered to
55 - I'm fiftyfeckinfive and STILL no wiser,
Beware of Geeks bearing GIF's
come and waste the day :P at The Taz Zone
February 25th, 2008 02:26 PM
By ThePreacher in forum Miscellaneous Security Discussions
Last Post: December 14th, 2006, 08:37 PM
By SDK in forum Microsoft Security Discussions
Last Post: September 3rd, 2004, 01:12 PM
By Zonewalker in forum Operating Systems
Last Post: May 13th, 2004, 01:34 PM
By Soda_Popinsky in forum Web Security
Last Post: February 15th, 2004, 02:19 AM
By allenb1963 in forum AntiOnline's General Chit Chat
Last Post: September 17th, 2002, 07:05 AM