Thanks! It didn't dawn on me to search the archives. All of our systems are touch screen only, so it does make it a little simpler to lock down.
We are starting to talk with IT as well about segmenting those boxes onto a separate VLAN to limit what they can get to as well. ------- Patrick Davis | Exhibitions AV Specialist | The Field Museum 1400 S Lake Shore Drive, Chicago, IL 60605 312-665-7968 On Fri, Nov 6, 2015 at 9:20 AM, Matt Morgan <[email protected]> wrote: > This has been a popular conversation on the list for many years, so have a > look at the archives for a lot of stuff to dig up: > > http://www.mail-archive.com/search?q=kiosk&l=mcn-l%40mcn.edu > > I don't know if this is stuff you already do/know about, but I would say > the basics at least used to be > > 1. Use Windows policies to limit what can happen in the OS (like killing > right-click, etc., & making sure only the browser can start up). > 2. Firewall off the kiosk network onto a different segment than Wifi > networks, internal networks, DMZ, etc. > 3. Use some kind of browser kiosk software to restrict what the browser > can see/do (I think off-the-shelf products are mostly preferred now). > 4. Physically secure the boxes and the ethernet ports to prevent a million > other problems. > > For #4, your design department will probably love the idea of > designing/building beautiful cases, with integrated keyboards (that have no > ctrl/alt/super/function keys) if you need them, etc (or touch-screen > keyboards where it makes sense). It will look expensive, but it's less > costly than your time, and of course anything in the galleries should be as > good-looking as it can be. > > I'm probably forgetting a lot--it's been a while! > > > On 11/06/2015 09:04 AM, Patrick Davis wrote: > >> New to the group. Looking forward to seeing what everyone has to say. >> >> One question that just recently was asked of me by our Director of >> Technology was how we are securing the computers that run our digital >> interactives in the public space. Not well was my answer. We are currently >> hovering around 75 different digital interactives and are adding new ones >> all the time. >> >> I was wondering what everyone here does to lock down their windows 7 pro >> installations. In our situation we have three different kind of >> applications running. A majority of them are standalone flash projectors. >> The rest either run on Firefox or Chrome. I always lean towards open >> source >> solutions but we do have some room in our budget to purchase software to >> make this work. Ideally there would be some kind of central management >> solution that we could use to not only lock them down but keep tabs on >> what >> is going on. >> >> Thanks! >> >> ------- >> Patrick Davis | Exhibitions AV Specialist | The Field Museum >> 1400 S Lake Shore Drive, Chicago, IL 60605 >> 312-665-7968 >> >> >> >> _______________________________________________ >> You are currently subscribed to mcn-l, the listserv of the Museum >> Computer Network (http://www.mcn.edu) >> >> To post to this list, send messages to: [email protected] >> >> To unsubscribe or change mcn-l delivery options visit: >> http://mcn.edu/mailman/listinfo/mcn-l >> >> The MCN-L archives can be found at: >> http://www.mail-archive.com/[email protected]/ >> > > > _______________________________________________ > You are currently subscribed to mcn-l, the listserv of the Museum Computer > Network (http://www.mcn.edu) > > To post to this list, send messages to: [email protected] > > To unsubscribe or change mcn-l delivery options visit: > http://mcn.edu/mailman/listinfo/mcn-l > > The MCN-L archives can be found at: > http://www.mail-archive.com/[email protected]/ > >
_______________________________________________ You are currently subscribed to mcn-l, the listserv of the Museum Computer Network (http://www.mcn.edu) To post to this list, send messages to: [email protected] To unsubscribe or change mcn-l delivery options visit: http://mcn.edu/mailman/listinfo/mcn-l The MCN-L archives can be found at: http://www.mail-archive.com/[email protected]/
