School Library PC Security

[rickys2018]

Good evening, I do some pro bono work for a school that has about 15 Windows PCs joined to a Windows 2016 Server domain. All teachers have their own domain credentials that they use to log into their laptops. There are 5 PCs in the library accessible to students. All students share a common username/password to log onto these PCs. I have strict controls on these PCs via GPO and student user isn't allowed to do much on the PCs other than loading up a browser and some word processing etc. I also have content filtering enabled via our security product (Bitdefender) which also includes AV/Malware blocking etc. At the gateway, all traffic is funneled through a security appliance which transparently checks the traffic for malware, botnet etc. This device also has it's own set of content filtering rules enabled and ensures access to only approved websites is allowed.

Today we had an incident where 3 students went to Google and searched for some inappropriate images. Though they didn't click on any links however the images did come up and were enough to startle the folks around them.

I was asked about our security measures and whether something like this can be blocked in future. I explained in detail about the security measures we have in place however I wanted to come on here and find out whether there is anything more I can do? I am more into Cisco networking than Microsoft and doing this work voluntarily for this school.

Thank you

Continue reading...