|Ever since desktop computers hit desktops, public access computers have been in danger from creatures large and small, cyber or real. Attacks may occur out of malice, mischief, well meant but misplaced intentions, or just plain ignorance. They come from within (library patrons or staff) or from the outside (viruses).|
This article will offer some suggestions on ways to protect public access computers.
Larger organizations often have their own firewalls set up to prevent attacks against their networks from the outside. For cases where there is no organization-wide firewall, personal firewall software for individual computers is available, such as Norton Personal Firewall (http://www.symantec.com/sabu/nis/npf/) and ZoneAlarm from Zone Labs (http://www.zonelabs.com/). ZoneAlarm is free for personal and non-profit use.
Computer viruses can wreak havoc on a computer. They can be spread via the Internet, and also by using infected diskettes. Anti-virus software should be installed on all computers, and updated on a weekly basis. Two popular anti-virus software programs are Norton Antivirus (http://www.symantec.com) and McAfee Antivirus (http://www.mcafee.com).
Password protection is important. CMOS setup should be password protected, so that users cannot change the computer's date, boot sequence, CMOS setup password, or other basic settings. CMOS setup is the Setup you see when you first boot up a computer. Usually there is a line in the middle or the bottom of the screen that says something like "Press DEL to enter Setup". A screensaver password might be helpful for staff workstations located in a public area to discourage patrons from using them if the staff member steps away from the desk for a moment. (It is easy to get around a screensaver password by rebooting the computer, but this might be enough to discourage someone). Passwords should be chosen with care. They should not be obvious words like 'library' or 'reference'. A combination of letters and numbers is often recommended. An example of a good password would be something like 'Iaototw1', which stands for the phrase 'I am on top of the world' with a number 1 at the end. Passwords should not be the same for all computers in the library, and they should not be taped on to the computer's monitor or cpu case. They should be changed periodically.
Operating System Options
The operating system makes a difference. Windows NT, 2000, and XP offer ways to restrict access to certain parts of the system from end users that are not available in Windows 95, 98, or ME. For example, one can set up a very restricted account that can make no system changes at all for end users. Do not let end users use the system logged in as a power user. Make sure all security patches are applied when released, particularly with Windows XP, which is still very new. As it becomes more widely used, security flaws may come to light. Microsoft product security patches are available from the Microsoft website (http://www.microsoft.com/security/default.asp). No matter which version of Windows you use, emergency boot disks and/or rescue disks should be made and kept in a safe place, in the event of a system crash.
Maintain a regular backup schedule. Windows comes with its own backup program. Other backup programs with more features are available, such as Dantz's Retrospect (http://www.dantz.com/), which lets you schedule automatic backups of your system. It is also important to test backups. The time of a system crash is not the best time to see if a backup is really working.
There are many software packages available to help secure public access computers. Fortres Grand (http://www.fortres.com) offers several Desktop Security programs: Fortres 101, Clean Slate, Cooler, and Central Control. Fortres 101 blocks patrons from performing actions as specified in Fortres' parameter settings, such as access to My Computer, Windows Explorer, and the Start Menu. Fortres can be administered individually on each work station, or via a network with Central Control. Clean Slate does not restrict users' activities, like Fortres does, but it will restore drives back to their original configurations when the computer is rebooted. While Fortres and Clean Slate work with the Windows environment, Cooler can be used to change the way an individual program behaves. It can restrict key combinations, menu items, dialog boxes, or toolbars. Like Fortres 101, Cooler can be administered individually or via a network with Central Control.
Another software company that offers desktop security programs is Altiris (http://www.smartstuff.com). LabExpert is a PC cloning tool that can simultaneously configure multiple computers. It can store disk images to be reloaded at a later date. LabExpert can be configured and deployed remotely. FoolProof Security is similar to Fortres 101 in that it controls access to parts of the Windows environment.
Nail It Down
Don't forget to lock down hardware, as well. Back in the days when memory was more expensive, it was not unheard of for memory chips to disappear from a computer. Cables and mice can be easily swiped, and should be secured. Also on the subject of hardware, it is important to protect your computers from power surges, by plugging computers into surge protectors, instead of directly into power outlets. If power outages are common in your building, it might be worthwhile to invest in an uninterruptible power supply (UPS), which will keep your computers on long enough after loss of power so that they can be shut down properly. For more information on surge protectors and UPSs, see the APC website (http://www.apcc.com).
|Security should be considered an ongoing process, not a one-time activity. Update anti-virus software and run backups on a regular basis. Check to be sure security software is working properly and hasn't been tampered with. Keep up to date with what's going on in the computer world: new viruses, security risks, updated security patches, etc.|
For more information on computer security issues: