Jim,
If running an NT network, you might consider "poledit" and add the option
on only allow running specific programs on the computer.

Jack N. Gallemore
[log in to unmask]

Jim Phillips wrote:

> So, now that we have LAN's at each of our locations, and the individual
> LAN's are linked by a WAN, and we have deployed PC's onto the shop
> floor to aid the operators, we have some smart operator who thinks he
> can intimidate the management here by threatening to unleash a virus
> from his PC.  In fact, the actual threat indicated that he/she may have
> already done so; that is, loaded a time-delayed virus on his PC.
>
> Our response to this was to install Norton AntiVirus on every PC
> (actually, we had already done this since we picked up an Excel
> macro virus at one of the remote locations).  Next, I plan to
> change the EPROM settings on every PC on the shop floor to
> disable the floppy drive, and password-protect the settings.  I
> figure this will stop anyone from using the floppy drive, even
> if they boot into DOS (by hitting the F8 key during boot-up).
> I told my boss that the HP3000 was pretty much immune to PC
> viruses, so I'm not planning on doing much of anything to it.
>
> I'm curious as to what steps others have taken to secure their
> PC's from deliberate sabotage, so I would welcome any suggestions
> or assistance in this matter.  Thanks again for your gracious help.
>
> Jim Phillips                            Manager of Information Systems
> Voice: (330) 527-2124                   Therm-O-Link, Inc.
>   Fax: (330) 527-2123                   PO Box 285; 10513 Freedom St.
> Email: [log in to unmask]       Garrettsville, Ohio  44231