Sleep well with proper user profiles
Security breaches can cause lots of sleepless nights. So it's important, when setting up profiles for network users that you examine security related issues of each profile and apply the one that works in conjunction with the company's security policy. The most common profiles are local and roaming.
With local profile all user and configuration settings remain on the workstation
- Securing configuration settings is not an issue because the profile is stored locally.
- No server storage space is required
- There are no bandwidth issues
- Since profiles are locally stored it may be difficult for to establish change-control policies globally.
With roaming profile all user and configuration settings reside on the network server.
- Establishing security policies and scripting is much more efficient.
- You do not have to spend time in setting up restrictions.
- User can log on to other workstations and still use current settings
- Requires server storage space. If there are many users with settings that include .bmp files this can utilize a large amount of storage space.
- Bandwidth becomes an issue, especially with many users logging on at the same time
- Roaming profiles can create a security risk especially if the user profile points to a folder that may store confidential information on the network server. Unauthorized personnel can easily access this information if the user fails to log off.
Consider the implications of each profile options before implementation. One possible option can be to use roaming profiles for users who may not be using a workstation on a daily basis.
Adesh Rampat is a member of the Association of Internet Professionals, the Institute for Network Professionals, and the International Webmasters Association. He has also lectured extensively on a variety of topics.
Did you like this tip? If so, (or if not) why not let us know. Send an email to us and sound off. Or visit our tips page to rate this tip, or submit one of your own.
Programming Windows Security
Author : Keith Brown
Publisher : Addison Wesley
Published : Jun 2000
Windows security has often been considered a dry and unapproachable topic. For years, the main examples of programming security were simply exercises in ACL manipulation. Programming Windows Security is a revelation providing developers with insight into the way Windows security really works. This book shows developers the essentials of security in Windows 2000, including coverage of Kerberos, SSL, job objects, the new ACL model, COM+ and IIS 5.0. Also included are highlights of the differences between security in Windows 2000 and in Windows NT 4.0.