[SOLVED] DaaS and/or KIOSK Mode?

Toggle sidebar Toggle sidebar
Molon Labe

Molon Labe

Honorable
Apr 20, 2017
53
2
10,545
Goal:

Secure Computing day-to-day

  1. When restarting PC or starting up from shutdown, block access/view of BIOS to make changes.
  2. (Still have bitlocker enabled for startup) prior to loading into windows.
  3. Auto-login to a kiosk profile w/ standard user rights. (must have ability to chose another admin profile/login for management or non-kiosk use either before login or after)
  4. While user is logged in have VM load automatically after starting Vmware.
  5. Prevent user for making any changes to vmware, the vm, only allow admin to make snapshots/revert ect.

Is this better accomplished w/ another DaaS, like Amazon, Citrix, Or Vmware UEM ect?
Then just use kiosk mode to launch web browser that loads DaaS providers site for use?
 
Solution
popatim
Molon Labe said:
  1. When restarting PC or starting up from shutdown, block access/view of BIOS to make changes.
  2. (Still have bitlocker enabled for startup) prior to loading into windows.
  3. Auto-login to a kiosk profile w/ standard user rights. (must have ability to chose another admin profile/login for management or non-kiosk use either before login or after)
  4. While user is logged in have VM load automatically after starting Vmware.
  5. Prevent user for making any changes to vmware, the vm, only allow admin to make snapshots/revert ect.
Click to expand...

1: put a password on the bios.
2: Bitlocker the whole drive.
3: Windows Guest mode with sounds like what you need here or a standard account w/o a password (and Admin accounts (make two admins in...
Sort by date Sort by votes
I can think of about six thousand hobbies that make a lot more sense than trying to lock yourself out of your system. You do realize that setting up such a kiosk style control system likely isn't going to stop anybody from having full control if they get into the system from outside your network rather than actually being in front of the system, right?

If you have plans to set up OTHER systems, potentially at locations where you WOULD need to have these features enabled, THEN it would make a lot more sense as simply practicing the configurations but you could do that within a VM and not affect your main OS installation much, or at all.
 
  • Like
Reactions: Molon Labe
Upvote 0 Downvote
Molon Labe said:
  1. When restarting PC or starting up from shutdown, block access/view of BIOS to make changes.
  2. (Still have bitlocker enabled for startup) prior to loading into windows.
  3. Auto-login to a kiosk profile w/ standard user rights. (must have ability to chose another admin profile/login for management or non-kiosk use either before login or after)
  4. While user is logged in have VM load automatically after starting Vmware.
  5. Prevent user for making any changes to vmware, the vm, only allow admin to make snapshots/revert ect.
Click to expand...

1: put a password on the bios.
2: Bitlocker the whole drive.
3: Windows Guest mode with sounds like what you need here or a standard account w/o a password (and Admin accounts (make two admins in case one corrupts))
- the autologin can be set in the VMware or in the VM's OS (registry for windows)
4: Auto login - Put the VMware System Startup folder = C:\Program Data\Microsoft\Windows\Start menu\programs\Startup
* Program Data folder is a hidden folders, Enable "View Hidden..." in File Explorer to see them
5: Probably handled by as 3: & 4: already and maybe just make VMware only run (execute) for System & Admins in the executables Security properties.
 
  • Like
Reactions: Darkbreeze
Upvote 0 Downvote
Solution
You must log in or register to reply here.

TRENDING THREADS

Latest posts

Moderators online

Share this page

COMPANY
RESOURCES
FOLLOW
Top Bottom