Windows 10 and MORE Security
Well October is Cyber Security Month, and we are going to try and write as many stories as we can to help celebrate this extremely important topic for Technology.
To start off the month our first story is about a program that one of our Help Desk Engineers created. For some background into the story NSK Inc helped a client get through a planned security audit to find better ways to keep their networks, employees and clients secure. As part of the follow up they asked NSK to create a patch that would lock down the user accounts and restrict them from running certain applications that were not deemed acceptable for work, or that could pose a security threat. NSK’s Help Desk Engineer Nick Seratt took to the challenge and created this specific patch for our client. Below is an interview with Nick on how he created this small patch for our client to help them with cyber security.
Question: Nick, in a quick review can you let us know what it was that you created for this client:
“I created a small program to apply a patch that would lockdown user accounts and restrict them from running certain applications that are not deemed acceptable for work or could pose as a security threat. This included applications such as games, insecure web browsers, and third-party applications that are not first approved to be safe. I made the program capable of being deployed silently to every computer for the site that required it.”
Question: What language did you write the program in?
“I wrote the program in Microsoft PowerShell. The Powershell scripting language is simplistic compared to other more robust programming languages, but it is excellent for developing quick solutions that are easily deployable. It works really well for automation of tasks that would otherwise be time consuming if done manually or written in a more complex programming language."
Question: How long have you been writing small program patches, and where did you learn how to do it
“Computer security is my favorite field within IT so I enjoy writing scripts. I am mostly self-taught. I have been programming in various programming and scripting languages for well over fifteen years. Whether it be Powershell, Perl, Python, PHP, C, or C++. I am more competent and comfortable with some of these languages compared to others. When I attended Middlesex Community College I also worked as a tutor for their Computer Science courses which included basic .NET programming and Bash shell scripting for the Linux Operating System. Microsoft Powershell is a language that builds on the Linux Bash scripting idea but for the Windows Operating System. Mac computers use Bash scripting as well, so I am able to use my knowledge with Bash for both Linux and Mac OSX, and I can develop Powershell scripts for Windows. With most programming languages once you understand the logic and core principles of programming, learning new languages is just a matter of learning the different programming syntax, and a lot of practice. “
"This follows the core concept of computer security, which is that with convenience and inherent trust of the user comes security risks and weakening of computer security protocols."
Question: How did you know what applications were a security risk, or a game or what was an insecure website?
“The script I created blocks out users from launching any application that is not in a list of approved applications, so it will block anything that could potentially be a security risk by not giving the user inherent trust with the computer. This follows the core concept of computer security, which is that with convenience and inherent trust of the user comes security risks and weakening of computer security protocols. To mitigate that I developed this script. With the new Windows 10 Operating System the standard way of locking down applications does not seem to catch everything, it still allows for Windows 10 pre-packaged apps to be executed even with the rule to only allow certain applications to be run being in place. I had to program in additional methods of blocking these pre-packaged apps from running as well. Windows 10 comes with built-in games, as well as instant messaging software, and the Windows Store, which allows users to add new applications to the computer easily."
Here’s some additional links to the languages that Nick uses:
https://www.middlesex.mass.edu/ace/downloads/summer11.pdf (Nick’s Tutoring)