Princess Fix IT

UPDATE: So Which Screensaver Will We Pick?

Fortunately, through testing and a tad more research, I was able to find a way to implement the new screen saver lockout policy with a lil less pain on the users? end.

Initially, research showed that if the None option was selected for a screen saver, the policy would not push down properly. Through our own testing, we discovered this was not the case (it is possible the reason this did not work for other companies is because they did not enable the screen saver portion of the policy, but I?m not positive about that).

The settings will be defined as follows:

*Screen saver timeout is enabled
*Password protect is enabled
*Screen saver is enabled

We first tested the policy with a specific screen saver file to run when the PC has been inactive for 15 minutes. This worked, but again, forced us to choose a screen saver for the user. With the new settings, if the option of None is selected in the screen saver tab, the PC will simply lock itself without displaying a screen saver at all. Also, if a user has a specific screen saver they would rather use, that option is now available to them. The ability to change the password protect or timeout increment options of the policy are not available to the users, thus we fulfill our SOX compliancy on this particular task.

Once The Powers That Be send out the email informing the users of this new policy, which should be within the week, it will be interesting to see the reactions that come across the Help Desk. Hopefully, it will be worded in a way so most users understand the difference between logoff and lockout, which password to use and understand we IT Folk should not be held personally responsible for governmental rules and regulations. Yeah, I know dear reader, maybe I?m asking for too much, but one can dream.

So Which Screensaver Will We Pick?

So the latest SOX compliancy Policy project I'm working on is to have workstations lock automatically after 15 minutes of inactivity.

According to some of the research I have come across, this can only be done by forcing screensavers through Group Policy, yadda yadda yadda.

Does anyone know if there is a way to do this without forcing a screensaver policy? From what I have read so far, even if we did push it down via SS, if the choice of ?None? is selected as the current SS, this would bypass the policy. OK so that leads to forcing the user base to use a specific SS and well, that?s just not an option.

With all the features in Group Policy, it is difficult to believe that the SS policy is the only way to go about locking inactive workstations?.right?

Right?

A Soldier, My Cousin, His Words

See Bridge.
See hole in Bridge bad guys made.
See Brian trying to figure out how to fix hole.
See Brian between hole in Bridge with back to lots of Iraqis.
Brian not too smart.
No one shoots Brian.
Good.

Just in case you were slipping on your prayers, here's a reminder of the work those Guardian Angels have cut out for them.

Hi, and Welcome to Hell, We Will be Your Tour Guides, Paul Sarbanes & Michael Oxley

SOX in a Nutshell (directly quoted from the SOX site)

The Sarbanes-Oxley Act was signed into law on 30th July 2002, and introduced highly significant legislative changes to financial practice and corporate governance regulation. It introduced stringent new rules with the stated objective: "to protect investors by improving the accuracy and reliability of corporate disclosures made pursuant to the securities laws".
It also introduced a number of deadlines, the prime ones being:
- Most public companies must meet the financial reporting and certification mandates for any end of year financial statements filed after November 15th 2004 (amended from June 15th).
- smaller companies and foreign companies must meet these mandates for any statements filed after 15th July 2005 (amended from April 15th).
The act is actually named after its main architects, Senator Paul Sarbanes and Representative Michael Oxley, and of course followed a series of very high profile scandals, such as Enron. It is also intended to "deter and punish corporate and accounting fraud and corruption, ensure justice for wrongdoers, and protect the interests of workers and shareholders" (Quote: President Bush).
The Sarbanes-Oxley Act itself is organized into eleven titles, although sections 302, 404, 401, 409, 802 and 906 are the most significant with respect to compliance (Sarbanes Oxley section 404 seems to cause most concern) and internal control. In addition, the Act also created a public company accounting board.
Perhaps one of the most remarkable aspects of this legislation however relates to its profile. It is very much in the public and media arena. The focus is certainly intense in this respect, creating yet another clear motivation for compliance. There is simply no escaping it!

All well and good, eh? I'm not sure password policies, software revision control, forced PC lock outs and a thousand other tiny IT related details are going to stop Corporate Execs from stealing millions of dollars. My personal favorite, from their own website mind you, is the following clarification "There is simply no escaping it!" Classic. You gotta love Big Government.

I can only hope this hassle, this incredible, collasal inconvenience that is bound to get users screaming, actually does stop Corporate Fraud in some way, shape or form. If not, at least we can take solace that several software companies are making a butt load of money off these scare tactics.

Big City Liberals, Meet John & Mary Q. Public

There was shock, surprise and utter disbelief. Liberals will stand together and wonder how this could possibly happen (not really just Liberals, that?s more for effect than anything, hell we?re all quite curious about the results really).

It is a shame. I firmly believe that President Bush is not fit for this honorable position (that increasingly becomes more of a joke each new President), but maybe it isn?t as much of a surprise to me because I understand how this happened.

The shocked reaction makes me believe that maybe Liberals don?t know any people that aren?t in line with their own political points of view. That in itself is odd to me, given that the typical Liberal basis is diversity and tolerance (I always did find that a bit odd). Most of the people in this country maybe aren?t as savvy, involved or even as passionate about politics as people that live in larger cities. They aren?t stupid or careless, they just think about things differently. It really isn?t a tough concept to understand. Maybe Big City Liberals have never actually known anyone that lives in a trailer, who?s net annual family income is less than 30K or had to drop out of high school to get a job and help out around home. Strike that?maybe they don?t know them outside of the charity work they do.

Most Americans are all Apple Pie, Ma & Pa and truly believe in the sanctity of The Presidency. Why would The President lie, right? They see a Good Ole Boy, who I might add, is not really one, but masks himself quite well as such, who stood up for Americans. The majority of Americans do not live in large cities and generally have different values than those that do reside in concrete jungles. Why is this such a mystery? How could we not have seen this coming? Because?because we surround ourselves with our clones. People who think and feel the same. Would it kill a Democrat to reach out to a Republican and open the doors of communication and vice versa? If anything, this election has shown me what a huge wedge we have driven between ourselves as Americans. We need to work together.

Frankly, it scares me Bush will retain office, but maybe this will clue some of the people in this country that there are millions of regular folk out there to speak to, to listen to. I'm not saying they are right, nor am I saying we are either. They aren?t there simply to dismiss or make a punch line to your bad jokes.

And yes?.I did vote.