[unisog] Restricting software at colleges and universities

Valdis.Kletnieks at vt.edu Valdis.Kletnieks at vt.edu
Wed May 14 17:24:50 GMT 2003

On Wed, 14 May 2003 09:31:09 EDT, "Hart, Lee Anne" <lhart at mc.cc.md.us>  said:
> Is it possible to restrict/prohibit software in higher ed. institution?

In general, if you allow the user to install software, it will get installed. ;)

> We are a two year community college with no residence halls (luckily)

You *might* be able to lock down all the machines then - but beware that
this pushes software maintenance costs around.  Hopefully, some percentage
of your users can be trusted to install patches/upgrades on a regular basis.
If you lock the boxes down, your IT staff gets to do it.

Therefor, that level of lockdown is probably impractical unless you use
something like Win2K group policies to implement software pushes.  No,
I'm not a Win2K wiz, and don't know how to do this.  Google is your friend. ;)

> and we are currently in the process of writing up a guideline/practice
> against installing and using certain software programs such as
> peer-to-peer file sharing.  We have an AUP, but are looking to write up
> something more focused on P2P software.  I am interested in hearing how

Address the *problem*, not the vector.  The three biggest problems I've
seen with P2P software:

1) Bandwidth usage.  That's what Packeteers and similar traffic shapers
are for. ;)

2) Copyright infringement.  Note that P2P software *does* have non-infringing
uses - I've seen several recent Linux software releases get mirrored via P2P to
save the pounding of the main site.  The cure here is to make it known that if
a complaint arrives, there *will* be consequences - I suspect that one major
reason why we have only some 250 RIAA/MPAA complaints a year for 25K students
is because they *know* that the first time they get a warning, and it gets
cc'ed to our internal Judicial Affairs, and that the second time, they *will*
end up sitting on the wrong side of the table at a Judicial Review board.

3) Virus/trojan downloads.  You should *already* have anti-viral software on
all the desktops.  And quite likely, if you still allow Outlook or IE on the
desktops, using "virus" as an excuse to ban P2P doesn't have legs to stand on.

Of course, that's just my viewpoint.  Whether I actually have a clue or not
is for you to decide. :)
				Valdis Kletnieks
				Computer Systems Senior Engineer
				Virginia Tech

-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 226 bytes
Desc: not available
Url : http://www.dshield.org/pipermail/unisog/attachments/20030514/18975868/attachment-0006.bin

More information about the unisog mailing list