Let's be honest: Gaming at the office isn't in any best practices guide. Don't get me wrong, I'm not against gaming -- it just doesn't belong on the office network.
This isn't a popular attitude to take, but it's a smart one. Corporate machines and their bandwidth are for business activities -- not amusement. Not only does gaming pose a productivity problem, but it can also jeopardise network security.
If your users are gaming at the office, I recommend revisiting your corporate policy immediately. Let's look at four steps you can take to regain control of your network from gamers.
Put it in writing
Inform users that it's against company policy to install unapproved software applications on company computers. This covers a wide field that includes games, bootleg copies of office programs, unapproved utilities, and a wide assortment of potential malware that has no business function.
If, in fact, you don't have a policy that addresses this matter, I recommend taking immediate steps to create one. Instituting a written policy that addresses Internet usage is a security best practice for many reasons.
In addition, publish a list of approved software for which the company owns licenses. Your policy should also detail the process for adding software to the approved list and outline penalties for noncompliance.
Putting all of this in writing covers you from a legal perspective for the actions you'll need to take to actually deter users from turning their office machine into a gaming platform.
Lock down the Program Files folder
By default, most games install in the Program Files directory. Therefore, to further discourage gaming, users shouldn't have the rights to create or modify files in this directory.
Verify that your users have only user rights and that they aren't power users or administrators on their machines. To do so, follow these steps:
- Right-click My Computer, and select Manage.
- In the left-hand pane, expand Local Users And Groups.
- Select Groups, and double-click Users in the right-hand pane.
- Verify that your Domain Users group (or the domain group that your users belong to) is a member of this group. Check the other groups, specifically the Administrators group, and verify that no normal user accounts are in this group. Check the Power Users group for invalid entries as well.
Now that you've ensured users have only user rights to common file objects, follow these steps:
- Double-click My Computer, and double-click Local Disk (C:).
- Right-click Program Files, and select Properties.
- On the Security tab, select Users from the Group Or User Names list box, and verify these permissions: Read & Execute, List Folder Contents, and Read.
- Verify that no invalid entries exist for the security properties of this folder.
Users will no longer be able to install software that defaults to this location. If they want to install games, users must now consciously select an alternate location to install the game.
What a Joke!
This story paints gaming on a corporate network as a high security risk.
Lets get reality check, if somebody is playing games during working hours then their manager should notice the low productivity. Surely if somebody has got time to play games during business hours then they don't have enough work to keep them busy.
Gaming is not a hard to detect either, simply looking at the users screen will allow anyone to see are doing. Normally the user gets unusally excited and happy which is easy to spot in any office.
Also most corporate machines have low specs with slow graphics cards etc, so the machines don't have the speed to play most modern new games.
Locking down machines, installing obtrusive network security software and hiring an team of people to monitor for breaches is a waste of time and money.
How much money is wasted on buying software and hiring people to monitor this supposed security threat?
A trust policy is the only thing that will work in the long term.
If a user really wants to find a way to play a game then they will.
Just search the internet for all those Java applet games, Flash games that can be played in an internet browser.
This type of security is an illusion, in my experience its the people on the security/network team that are the greatest security risk, yet corporations blindly trust them.
What a joke!