Campus Guidelines for Kiosk Workstations

The following campus guidelines for Kiosk workstations were endorsed by the Campus Information Security and Privacy Committee (CISPC) in July, 2009:

A "kiosk" is a workstation available in a public place for general use. The guidelines below are intended for kiosks.

Departments which provide kiosk workstations are required to take measures to reduce risk to kiosk users and the campus network. Kiosks which are not configured according to campus guidelines may be subject to removal from the campus network.

Many departments also offer shared workstations (in computer labs, break rooms, etc). While many of the kiosk guidelines listed here are also appropriate for shared workstations, these guidelines are not intended for shared workstations.

Below are phase I of campus guidelines for operating kiosks. These standards will likely be expanded over the coming months. If you need assistance in meeting these standards, please contact security@berkeley.edu.

Kiosk Guidelines:

  1. Kiosks must meet the Minimum Security Standards for Networked Devices.
  2. Host IPs must be registered under the security contact for your department in the security contact application. Security contacts must respond promptly to any security incidents reported for Kiosk machines.
  3. Kiosk firewalls must be configured to allow scanning by the Systems and Network Security team. (see Nessus campus network scanning)
  4. Kiosks should run kiosk management software (such as Steady State and Deep Freeze) or implement similar tools to restrict a user's activities when using the kiosk (e.g. set a defined set of www sites a user can visit, prohibit storing data on the local machine, etc.) and to facilitate resetting the kiosk to a "clean" state.
  5. For kiosks that require login, the workstation should logout automatically after a reasonable amount of idle time (10 minutes is the suggested standard).
  6. For kiosks that don't require login, the kiosk should be configured to reset to a "clean" state after a reasonable amount of idle time (10 minutes is the suggested standard).
  7. Kiosk browsers should be configured not to accept cookies from auth.berkeley.edu (so that the CAS TGC will not be stored in the browser). This will ensure that a user cannot participate in single sign-in (re-authentication will be required for every application) and thus minimize the chances a user's credentials can be used by someone else if a user does not logout of CAS or quit the browser before leaving the kiosk.
  8. Firefox is the suggested browser for kiosks.
  9. Kiosk administrators should follow all recommendations included in the Browser Configuration Guidelines for Kiosks.
  10. Signage must be posted on or near kiosk monitors advising users to logout (where possible) or quit the web browser before leaving the kiosk.