Today’s corporate IT is composed of a multitude of different devices. It is now commonplace to see laptops and desktops cohabiting with thin clients and tablets in corporate environments.

The employee’s need for accessing information at any time is a challenge to the IT manager, who has to find ways of securing environments without compromising access. In other words, the need for security must be accompanied by the need for simplifying access. Most employees remain focused on the ease of access to information, while IT managers have the difficult task of focusing on data security.

Today’s users have a level of IT knowledge that is vastly greater than it has ever been. However, the sensitivity of most users to the issue of IT security remains disastrously low. How many of us use the same password to access a multitude of web sites? And how many of us are aware of wifi security? So it is the IT manager’s responsibility to manage these 2 conflicting requirements:
1. To secure environments
2. To simplify access.

While this challenge can be met in large corporations via the deployment of Virtual Desktop Infrastructure (VDI), one should remember that VDI is a complex technology and a costly investment for most businesses and institutions to undertake. In fact, even for those who have such infrastructures in place, the challenge remains the same: to manage and cope with complex operating systems residing on the user’s desk. One of the first things the IT manager has to do, in such a context, is to secure the local OS itself. How many users are “messing around” with their PC’s configuration with unwarranted confidence? How many users are using prohibited applications, installing them on their PCs without anyone’s authorization?

While Group Policy Objects (GPO) can be implemented when the infrastructure relies on active directory, GPOs are complex to implement and require a significant level of expertise. Complexity of implementation is even greater for smaller organizations. Also, what is to be done if the company is not operating under Active Directory? In such cases, some companies and institutions have begun using simple tools that allow them to impose restrictive modes on the user. The principle is simple: you select the user or list of users you wish to restrict. Then, with a very simple menu, you select the restrictive modes you wish to impose. Such restrictive modes might include:

  • What the start menu will look like for a user (shut down options, access to folders, etc.)
  • Desktop explorer options that will be active or inactive for the user (adding or removing a printer, usb access, right click, etc.) as well as the drive letters he/she can access or view
  • Control panels the user will have access to (keyboard or mouse control) and those which will not be accessible (administrative tools, etc.)
  • How the “ctrl-Alt-Del” key will behave for a user (modify password, logoff, etc.)
  • A list of applications the user will not have the right to run (regedit.exe, cmd.exe, etc.)
  • How you want the IE browser to behave and the list of web sites you wish to authorize or block

With software products like proVlocker™ from WanPulse, these restrictive structures can be created and distributed within minutes, over thousands of devices, such as laptops, tablets or PCs. This does not require the expertise of an IT manager and such structures can be created at a moment’s notice. By using such simple products, and by applying the right restrictive modes on their devices, IT departments can slash costs on calls made to tech support and thus save money (and time) spent on pesky interventions. This has been a proven advantage in many different environments, from private corporations to local administrations and retail companies. In fact, companies and institutions are seeing a remarkably quick return on investment with this type of product – barely a few months – given that security is rapidly becoming the most expensive (and time-consuming) liability in IT.

Categories: Articles