Security Problem

NotTheRealTim · November 28, 2018

I have a rather strange problem that I could use some help with. I work at a library and we use a program called Envisionware PC Reservation. It puts a timer on users sessions on the PC. The patrons (especially the teens) have figured out how to kill the process to get unlimited time. Is there an easy way to keep anyone, but administrators from killing a process in task manager or Process Explorer?

Snipergod87 · November 28, 2018

Block access to the task manager, stop the users from running .exe's from non approved locations (GPO will by default only allow C:\Windows, C:\Program Files, and C:\Program Files (x86) if you enable those settings), so if they download process explorer it cannot be launched. as they should not have write access to any of those directories.

These settings are configurable group policy settings.

You should probably prevent booting from USB flash drives completely as well and secure the BIOS with a password.