Educause Security Discussion
mailing list archives
Re: Vetting New Devices
From: "Hahues, Sven" <shahues () FGCU EDU>
Date: Wed, 3 Apr 2013 13:43:26 +0000
We still check all newly connecting student computers for AV software and some version of the operating system using
our NAC (Bradford). They have an agent that can be permanently installed or run once to check for the software the
students should have.
To get through the crunch of new registrations for Fall move in, we ask students to check their computers against our
system ahead of time (there is a website they can download the run once client), and we schedule sessions that the
students can attend during move in week where our helpdesk staff assists up to 30 students at a time.
In the past with Windows XP we used to have a lot of calls because students did not have anti malware software, but
since windows 7 and windows 8 have built in security software this has gotten much less of an issue for Windows users,
and actually we now have more Mac users who have to come in because they don't have AV software.
The biggest reason we go through all this is to register the device to the student so we know later on who devices
belonged to if we have any weird problems with the computers.
Hope that helps!
From: The EDUCAUSE Security Constituent Group Listserv [mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of Frazier,
William S [ITSYS]
Sent: Monday, April 1, 2013 3:07 PM
To: SECURITY () LISTSERV EDUCAUSE EDU
Subject: [SECURITY] Vetting New Devices
We have for several years required newly connecting student Pcs to be checked using a locally developed program. The
product had the drawback that it was Windows specific. On the other hand, most by far of the incoming devices were
Windows. Now, the other device types are increasing. Also, AV products are flagging our test program and some of the
vendors will not even consider whitelisting it.
We're faced with redeveloping, discontinuing, or purchasing.There is the issue of diminishing returns. Microsoft has
gotten much better about discouraging the sorts of user behavior we tended to catch (open file shares, null passwords,
Are you doing any kind of vetting against newly connected non-guest devices? If so what tools are you using? Also, if
you are vetting, are there particular steps to accommodate the great check-in crunch at the start of major terms?
Thanks for any insights,
William Frazier frazier () iastate edu
voice: (515) 294-8620
Iowa State University fax: (515) 294-1717
Information Technology Services, 251 Durham, Ames, Iowa 50011-2251
Never give out your username or password to anyone. This includes any accounts you have such as: FGCU, bank and credit
card accounts, and other personal accounts.
- Vetting New Devices Frazier, William S [ITSYS] (Apr 01)
- Re: Vetting New Devices Hahues, Sven (Apr 03)