Project Solid Ground FAQs
From TSSwiki
Frequently Asked Questions about Project Solid Ground
- What is Project Solid Ground?
- In short, Project Solid Ground is an initiative that the IT department has started to improve customer service, increase computer security, improve response times to reported problems, and enhance our ability to be proactive. For more detailed information, please visit this page.
- I use a Macintosh computer with OS X. How will this project affect me?
- Initially, Macintosh users will not be affected at all. We are focusing on computers running Microsoft Windows. Newer Macs that are "dual-booting" Microsoft Windows will be affected by this, however.
- My computer is running Microsoft Windows. How will this project affect me?
- The impact on most users should be negligible. Most users will still be able to complete their daily tasks as if we had not done anything. However, some users will notice changes to their computer setups. These changes include:
- Computer Re-Imaging: We will be visiting nearly every Windows PC on campus in order to put a fresh "image" on each one. The new "image" will have all of the latest security updates and patches in addition to the most recent versions of the various software for which we are licensed. Unfortunately, this means that your hard drive must be wiped clean. You will need to make sure that all of your important documents, spreadsheets, and other data are backed up. Before we come through your building, we will be available to assist individuals with consolidating and backing up their data. We want to be sure your important data is backed up before we re-image.
- Possible Email Client Change: Users who previously used Mozilla to read their email will now be using a program called SeaMonkey. Mozilla is no longer being updated by the company which created it. Updates to Mozilla are being handled by the open source community who have renamed the software SeaMonkey. The interface to SeaMonkey is identical to the Mozilla Application Suite. For more information on SeaMonkey and Mozilla, please visit these links:
- Printer Set Up: We have not yet found an automated way to restore a user's printer settings and selections. Simple instructions for setting up printers can be found here. Users may also contact TSS for assistance with setting up printers.
- Remote Computer Management: Part of our re-imaging process includes the installation of remote management tools. These tools will allow us to push software to computers upon request, remotely manage security patches and updates, and allow us to offer remote assistance sessions to users.
- Administrative Privileges are No Longer Being Given to Users: Accounts with elevated privileges have been widely misused - not just at MCC, but everywhere. These accounts are the number one target of hackers, virus authors, and spyware programs. The true purpose of administrative accounts is to perform system related tasks such as installing software, applying updates, changing settings, and other tasks related to keeping a computer running properly. Users should do everyday tasks while logged in to a non-privileged account. For more detailed information on the risks associated with Administrative accounts, please visit this page. Please note that this policy has been in place for quite a while. We are now trying to get the last remaining instances of this taken care of.
- Computer Re-Imaging: We will be visiting nearly every Windows PC on campus in order to put a fresh "image" on each one. The new "image" will have all of the latest security updates and patches in addition to the most recent versions of the various software for which we are licensed. Unfortunately, this means that your hard drive must be wiped clean. You will need to make sure that all of your important documents, spreadsheets, and other data are backed up. Before we come through your building, we will be available to assist individuals with consolidating and backing up their data. We want to be sure your important data is backed up before we re-image.
- The impact on most users should be negligible. Most users will still be able to complete their daily tasks as if we had not done anything. However, some users will notice changes to their computer setups. These changes include:
- How can I install new software if I don't have Administrative Privileges on my computer?
- If you need software installed, you will need to contact us to have a service call logged for the software installation. The basic reasons for this policy are as follows (Please visit this page for more details on software installation:)
- License compliance: We need to ensure that all software installed on MCCCD owned computers is in compliance with applicable licensing. Unlicensed software could lead to costly lawsuits for the district. The individual who performed the installation can be found personally liable for fines as well.
- Interference with Existing Software: Even if done properly, newly installed software could interfere with the functionality of existing software.
- If you need software installed, you will need to contact us to have a service call logged for the software installation. The basic reasons for this policy are as follows (Please visit this page for more details on software installation:)
- Why is this project called Solid Ground?
- The virus attacks that MCC was hit with in December of 2006 and January 2007 really illustrated to us that the way we've been deploying desktop computers to users was flawed. We had always known there were flaws, but none of us expected they could lead to as bad a situation as we were hit with. In the past, we didn't have the tools we needed to remotely manage end-user desktops. This made it difficult to ensure that every computer was up to date with antivirus programs and security patches. Additionally, many users had administrative privileges on their computers. When a hacker or virus exploits a vulnerability while a user with administrative privileges is logged on, they can easily get the same elevated access (this is an overly-simplified explanation, but it fits.) Internally, we described this as "having built a house on a foundation of sand."
- We now have the tools we need to assist with better managing end-user desktop comptuers. The problem is that we essentially need to visit each computer on campus to make sure they are compliant with best practices. This includes making sure that all users follow the Principle of Least Privilege which basically states that a user should be logged on with only the minimum amount of privileges they need to do their job. Once we've completed this project, we'll be able to better manage remote computers. We will be able to "push" software to a computer - eliminating the need for a technician to be physically present to install software for you. We will have better control of systems so we can be sure they are up to date with security patches, so they will be less vulnerable to viruses and hackers. In short, this effort will give us Solid Ground upon which to build our "house."
