Windows Security Guide Request

electro89

Member
E
Join Date
Mar 2012
Location
Canada
Posts
106
Does anyone know of a good guide to locking down Windows workstations in a domain setup, so only specific software (such as your SCADA software) can be run without any other access to the OS or network? Typically I'd work with IT on these tasks but I'm familiar enough with the Windows environment that I'd like to be able to do it myself if need-be. For non-process related kiosk applications, I've used third party software to accomplish this, but just as a quick-and-dirty way of getting it running. For plant-related workstations I'd prefer it done the "proper" way, whatever way that may be.

Thanks in advance!
 
electro89 said:
Does anyone know of a good guide to locking down Windows workstations in a domain setup, so only specific software (such as your SCADA software) can be run without any other access to the OS or network? Typically I'd work with IT on these tasks but I'm familiar enough with the Windows environment that I'd like to be able to do it myself if need-be. For non-process related kiosk applications, I've used third party software to accomplish this, but just as a quick-and-dirty way of getting it running. For plant-related workstations I'd prefer it done the "proper" way, whatever way that may be.

Thanks in advance!
Click to expand...

Depends what OS but i have always just used a Shell if i needed a kiosk display:

https://docs.microsoft.com/en-us/windows/configuration/kiosk-shelllauncher
 
Up till now I have always just relied on running our SCADA (Citect) as a shell, but almost always run into issues when trying to embed something like an ActiveX object, where it will open up a vulnerability that gives the user access to the file system and internet. For example, if I wanted to embed Adobe Reader into Citect, or IE to display a local HTML page, this will introduce a lot of new ways to get past the shell. I just want to lock down the workstation so it will be virtually impossible for the end user to break the system.

More looking in terms of Active Directory and Group Policy settings.
 

Similar Topics

M
factorytalkview v windows security ability
Hi all, I have a problem configuring security for a customer. The factorytalk app has 4 user levels, fine! However they want an autologon for...
Replies
1
Views
1,456
rdrast
rdrast
R
Panelview Plus RSView ME with Windows Domain security
Can anyone point me to some tips and tricks for getting the Windows based security on a PanelViewPlus to work properly. I configured the domain...
Replies
8
Views
8,769
Dravik
D
Deer
Flying windows button for RSView32 security
Hi all, I need your experience, how to disable the Flying Windows button on the computer keyboard, because it is important for RSView32 security...
Replies
9
Views
23,559
kaareem
K
D
Studio 5000 33.00.02 DVD 2 Windows 11 installation issue
Hi everyone, I have an issue with installation of Studio 5000 33.00.02 DVD Media disc 2 with View Designer on Windows 11. After installation...
Replies
0
Views
26
dudek1989
D
A
Windows 11 laptop
Hello all, Hope everyone enjoying their weekend. I just recently bought a laptop to upgrade my old one with i3 its getting slow on me. But when i...
Replies
7
Views
373
Akparjay
A
Back
Top Bottom