August 26, 2021

Pearson VUE / Firewall issue

I work part time as a network admin for a medium size company (around 120 employees). We service kids with autism so patient confidentiality is critical. We have to maintain HIPAA compliance.

Some of our staff periodically have to take a test to become certified in their field, and the tests are proctored by Pearson VUE. Unfortunately the testing software doesn’t play well with our company firewall and requires local admin privileges. The only way I’ve been able to get people testing successfully onsite is by completely bypassing our firewall for a specific network drop, turning off windows firewall and defender, while the PC is logged in as a local admin.

Obviously I’ve communicated to my boss that this is a network security risk. Her argument is that the PC is only on for testing 2x a week for 45 minutes.

Does anyone have some resources that would be helpful in explaining how risky this is? Is it just a matter of time before that laptop is scanned, connected to, and a giant pile of malware is dumped on it?

Comments

GrNivek

If your laptop is patched and up to day your are not running any more of a risk than your average user. Where this would be dangerous is if the laptop user was doing malice activities or visiting harmful sites.

Router_RIP

set aside an old laptop or desktop and throw it on a DMZ with less security. Maybe put it in a private room where people can take the tests.

Leave a Reply

Your email address will not be published. Required fields are marked *

Note: By filling this form and submitting your commen, you acknowledge, agree and comply with our terms of service. In addition you acknowledge that you are willingly sharing your email address with AiOWikis and you might receive notification emails from AiOWikis for comment notifications. AiOWiksi guarantees that your email address WILL NOT be used for advertisement or email marketting purposes.

This site uses Akismet to reduce spam. Learn how your comment data is processed.