Focus on Security
This month's Focus On looks at products aimed at protecting networks and computers from unwanted intrusions, whether from within a school or from unauthorized third parties. As more and more information is made digital and accessible, school administrators may want to invest in ways to keep confidential information safe, and to keep students' online activities focused.
When several people regularly use the same computer, privacy and security can be compromised. Window Washer 3.0, a program from Webroot, helps to erase traces of computer and Internet use, protecting privacy from one user to the next. The program can instantly clean Windows temp files, recent document lists, find history, run history, Internet cache and history, cookies, the Web browser drop-down address bar, CHK files, the recycle bin, and more. Window Washer can be configured to run automatically in the background and wipe each user's traces at startup and shutdown, or it can be employed at the discretion of a teacher or staff member. Users can choose which files, folders, or registries to clean.
The latest version of Window Washer includes support for the most up-to-date versions of Web browsers, third-party plug-ins, MS Office, Windows, and Windows NT4. Removing unneeded system files and temporary files from these programs not only helps protect users' privacy, but can also help increase overall PC performance. An enhanced "bleach" function securely deletes document and Internet tracks by overwriting the data up to 10 times with random characters.
Another product for computers with multiple users helps to guard the documents themselves. DiskLock from Power On Software provides file locking and encryption with a few simple clicks. The program offers various types of encryption, including DES encryption, and supports multiple users, SCSI devices and IDE drives. Unlimited users can work on the same machine, with total security for each user's data, and varying levels of access permitted for each individual. An administrator package that allows for centralized configuration of DiskLock on networked workstations is available at multi-pack pricing. The program is compatible with both Macs and PCs.
Since DiskLock loads before a computer's system software, it is virtually impossible to bypass, and will not let unauthorized users access the system. An intuitive interface makes encryption and decryption as easy as dragging and dropping a folder. For instantaneous data protection, a hot key screen-locking option lets users immediately blank the screen from within any application, to prevent others viewing sensitive data onscreen. To help monitor the computer's security, DiskLock can log any efforts to access sensitive data. The program will not interfere with ongoing tasks such as fax processing, and file-protection settings prevent accidental deletion of data.
Designed to protect public access computers from malicious or inexperienced users without restricting user activities, Clean Slate from Fortres Grand returns drives to their original state upon reboot. The software takes only minutes to install and, for most installations, requires little or no attention afterwards. Its purpose is to restore the computer to its original configuration, no matter what users have done. This includes erasing files, installing software, downloading viruses and altering icons.
Administrators, by password, can specify individual drives or directories that are not to be protected, allowing persistent changes in some areas of the disk. They can also view all changes made and specify which changes should be undone on reboot, and which should be committed as permanent changes. Ideal for environments where a more aggressive security agent would lock computers down too tightly, Clean Slate is invisible to the user and works on Windows 95/98/NT/2000.
School network administrators require security at the network, session, and application levels of their systems. For those using the Windows NT platform, Novell offers FireWALL for NT, a directory-enabled security product that integrates Internet security features with network bandwidth management functionality. The easy-to-use solution ensures that critical traffic receives priority during peak network usage, while the school's Internet presence remains secure.
FireWALL for NT has a simple graphical interface for easy security management. Administrators can set security rules and policies with minimal effort, and adjust them as necessary. The product contains monitoring and alarm features that can track user activity and notify administrators of possible security threats. FireWALL for NT can be used to filter network traffic by numerous criteria, and also offers various user authentication methods, network address translation, and URL filtering. It is compatible with third-party security products, and is available with a 25-, 50-, 100- or 200-user license.
Another product also lets administrators centrally implement workstation protection and network security from an NT or NetWare server. Citadel Technology's Secure PC combines advanced security features such as Internet and e-mail control, application control, and file and folder security with a core set of desktop protection features. The program prohibits end-users from changing system settings, modifying the desktop or installing unauthorized software. It also prevents unauthorized use of computers when they are left on but unattended.
Secure PC's system of "roaming profiles" helps administrators protect workstations wherever users log into the network, whether on site or remotely. Among the system's capabilities are the restriction of inappropriate Web sites, the allowance of only certain programs to be run on any workstation, and the shielding of idle computers with a password-protected screen saver. Folder protection allows the administrator to protect access to drives, folders, files and shortcuts as "locked" or "read-only," while an "exception" feature allows administrators to specify certain programs (such as anti-virus, backup, or scan-disk) that may override this security.
Virus filtering and content filtering are combined in eSafe Enterprise, a centrally administered Internet content security tool. The software can be downloaded free of charge, and helps to safeguard a school's network and PCs from vandalism, viruses, and inappropriate content. Compatible with Windows NT/2000 and Novell-based networks, eSafe Enterprise allows for central implementation for each user, server and workstation. It automatically detects and removes known and unknown viruses, and provides extensive logs and administrative reports. The program includes options to filter communications and restrict access to certain Web sites.
Also available free of charge is eSafe Desktop for the individual PC. Like eSafe Enterprise, the security suite offers comprehensive protection from vandals, viruses, data exposure, and inappropriate content. For firewalls, eSafe Gateway is available for downloading, with features including real-time inspection of FTP, HTTP, and SMTP, and inspection of all known file and MIME types.
For schools that use the FoolProof Solutions line of security and Internet filtering programs from SmartStuff Software, a new application will aid instructors who teach in computer labs.
LabExpert is a remote PC administration and cloning tool that reduces the cost and time required to configure and manage large populations of PCs. The application lets districts, schools and computer lab instructors centrally manage Windows computers, and will automate the installation and configuration of software applications across a network. In addition, LabExpert creates and stores PC disk images, which administrators or teachers can use to restore one or more PCs to an original working state in minutes. LabExpert is a product of Altiris, Inc., and is offered as a companion product to FoolProof Solutions.
Different grade levels may have different Internet filtering criteria. Cyber Patrol 5.0 offers a number of screening options, with streamlined installation and simplified navigation. Cyber Patrol maintains a categorized list of blocked Web sites, and provides administrators with the option to decide which sites students can access and when, with settings tailored to specific groups of users. The lists include several categories of sites that may distract students from online research, such as entertainment and online commerce sites. Cyber Patrol uses a team of professional researchers to determine what online information is appropriate for working environments. The categories, such as "nudity" and "Web chat," can be turned on or off individually by system managers.
Power On Software
New Albany, OH
Fortres Grand Corp.
FireWALL for NT
San Jose, CA
Aladdin Knowledge Systems
Buffalo Grove, IL
Cyber Patrol 5.0
This article originally appeared in the 06/01/2000 issue of THE Journal.