I was wondering if we could prevent users to install any application (beside that already installed on system) , using any kind of setup installer (.msi, .exe) by using Kaseya Protection > File Access. Let say, if I prevent access on c:\program files or c:\program files (x86), would it be any kind of installer cannot access that folder, and making the installation process failed? Is there any effect on my default application or windows system files, if I prevent access on that folder?
My goal here is to prevent users to installed any kind of apps (games, malicious 3rd party apps, etc) beside that default apps I already installed for them. Anybody can share their best practices to achieve this?
Hi Indra Taroreh
It would probably be best to block this type of functionality from an OS level. If the Kaseya Agent is stopped or shutdown by a more advanced user, the applications will be able to run/install.
Below is an example:
Below is a thread that discusses blocking apps from running in tempdata to prevent cryptolocker but it would be a similar concept;
Hope this provides some guidance - I am sure others could chime in on how they are handling this within their own environments.
Thanks for replying. will reply to you after checking out your suggestion.