How do you enforce IT Governance

By w302544 ·
Are there any applications that integrate with AD, that would require employees to read and acknowledge a Policy before being able to authenticate to the domain. Once they acknowledge the policy, their acknowledgement would be recorded in a data base and they would be able to join the domain. If they do not acknowledge the policy, then they would not be able to join the domain.

This conversation is currently closed to new comments.

Thread display: Collapse - | Expand +

All Answers

Collapse -

Never seen something quite like this

by robo_dev In reply to How do you enforce IT Gov ...

I've seen solutions where the user must goto a web page, read the policy, and submit a web-form acknowledgment.

However, the team that provisions new users is responsible for making sure that gets done (they have a new-user checklist), and the IT auditors review both the acknowledgment database and the checklists when security team gets audited.

I've seen solutions involving NAC (network access control) that require a workstation to be in-spec with patches and Anti-Virus software before it is granted connection to production LAN. But never seen a policy-reading step as part of that control.

Collapse -

web Form acknowledgement

by w302544 In reply to Never seen something quit ...

When you say they Must go to the web site, was this requiered before joining the domain. Currently one our end users join the domian, they then get a desktop with only an internet explorer icon. They them launch explorer which directs them to a Citirx login screen. Once they log into Citrix, then based upon their Group assignment they then receive a published desktop from the citrix farm with only those apps they are allowed to use.

Can you provide the name of the App you referred to? I am wondering if I can force the end user to acknowledge the policy prior to logging into Citirx if not prior to joining the domain.


Collapse -

System Use Notification

by gario In reply to How do you enforce IT Gov ...

Will the use of a warning banner not suffice? Most government workstations (if not all) follow FISMA/NIST 800-53 AC( System Use Notificaton.

Collapse -

We have a warning banner already

by w302544 In reply to System Use Notification

When we update our acceptable use, document retention, social media policies, etc.. end users are required to acknowledge the individual policis that apply to them. Currently they can view the document on our intranet and are required to then sign a physical document. Once signed the document is sent back the main office where it is filed. I would like to publish a policy and have the end user acknowledge either before joing the domain or logging into their citrix desktop. Once acknowledged, their response wiould be recorded within a data base. If they didn't acknowledge then they would not be able to join the domain or log into citrix to receive their published desktop

Related Discussions

Related Forums