Creating a secure public access workstation is a process made up of many discrete procedures. Furthermore, these steps are interdependent with other features of your secure system, such as network security and user issues. In this age of the Internet, a computer is only very rarely a self-contained unit. Therefore, while this section focuses on how to create a secure public access computer, you should also remember that to truly secure that computer, you should secure your servers and your network, and you must have a way to evaluate and maintain your security. Even though the process outlined below may look formidable, there are fortunately some valuable tools and utilities that you can use to automate some of the steps.
In order to create a secure public access computer, you must:
- Secure the computer's BIOS
- Install the computer with minimal operating system features
- Require user authentication
- Keep the operating system and applications up-to-date with patches
- Install anti-virus software
- Install desktop security software
- Securely configure applications such as office productivity software and browsers
- Educate and constantly remind staff about the need for security
Tools and Utilities
Making a computer administrator's life easier is a top priority for many software developers. Here are several excellent tools that can make your life a lot easier.
- Desktop security software, which restricts user access to a desktop computer's operating system, desktop, printing functions and many applications
- Rollback software, which resets a public access computer to a previous state every time the computer is rebooted
- Cleanup software, which automates the process of deleting temp files and cookies
- Distribution agents, which can automate the process of deploying software to many computers at once
Finally, it is important to remember that the security configuration of your public access computers should be based on your library's Security Policy. Just as libraries need to create an Internet Acceptable Use Policy, they also need to create a Security Policy that details what their computer assets are, why they are trying to protect them, and how to protect them. A library with a Security Policy that considers all of the ramifications of security can then assist your efforts to create a secure public access workstation.
Next: Protecting the BIOS