Using CurrentWare to Lock Down a Machine When a User Gives Notice

Using CurrentWare to Lock Down a Machine When a User Gives Notice

Purpose: This document outlines the steps to restrict a user’s access to the company network and secure their workstation using CurrentWare when they give notice.
Step 1: Preparation
Before making any changes to your end user with the CurrentWare software you should confirm the users resignation/termination date.
  1. Obtain the exact end date for the user to establish the lockdown timeline.
  2. Determine whether they will be transitioning tasks during this time.
If possible make share drive backups of critical data:
  1. Ensure any necessary files or projects from the user’s workstation are backed up securely.
  2. Coordinate with the relevant team leaders to determine data access or transfer needs
Step 2: Restrict Internet Access Using BrowseControl
  1. Log in to CurrentWare Console.
  2. Navigate to the "BrowseControl" module.
    1. Create a new group to use as your "lockdown" group
    2. Select the specific machine or user associated with the departing employee.
    3. Move the machine or user into the "lockdown" group
  3. Block All Internet Access:
    1. Go to the URL Filter settings within BrowseControl.
    2. Choose Internet OFF to prevent any access to websites.
    3. Optional: If certain internal sites need to remain accessible, use the Allowed List to specify permitted URLs only.
Step 3: Block Access to External Devices Using AccessPatrol
  1. Log in to CurrentWare Console.
  2. Navigate to the "AccessPatrol" module.
    1. Create a new group to use as your "lockdown" group.
    2. Select the specific machine or user associated with the departing employee.
    3. Move the machine or user into the "lockdown" group.
  3. Setup the Device Permissions that you want to enforce permissions:
    1. Select the "Lockdown" group and click the Device Permissions option.
    2. Set the access to whatever level you would like. You can easily block everything with the dropdown at the top.
    3. Optional: You can setup a tailored warning message to the end user(s).
    4. Apply the changes when completed
  4. Use the Reports to review usage data for devices that are allowed.
    1. Review any unusual file access, transfer, or installation attempts.
Step 4: Enable Activity Monitoring with BrowseReporter
Using the BrowseReporter Module, you have full transparency into what the user is doing on their machine. If the machine cannot be fully locked down, you can ensure the user is staying compliant by reviewing reports on their daily usage based on applications and websites. 

Set up User Activity Monitoring:
  1. Open the BrowseReporter module within CurrentWare.
    1. By default BrowseReporter will capture all application and website data
    2. Optional: You can configure Screenshots by using the "Screenshots" tab within BrowseReporter
  2. Generate Regular Activity Reports:
    1. Schedule daily or weekly reports for increased visibility on user activity during their remaining time.
Step 5: Verify Account After Final Day
  1. Disable Windows and Network Access:
    1. After the employee’s last day, disable the user account from Windows Active Directory.
    2. Remove the user from network permissions to prevent re-entry.
  2. Verify Lockdown Settings in CurrentWare:
    1. Review that all restrictions or tracking policies (BrowseControl, AccessPatrol, BrowseReporter, EnPowerManager) are still in place and confirm the user has no residual access.
 

Additional Notes:
  1. Reinstate Access if Needed: If the employee’s resignation is retracted, all settings can be adjusted to restore network access.
  2. Troubleshooting: Consult Support@CurrentWare.com if you encounter issues with enforcing restrictions or accessing specific modules.
This document is for IT staff use and should be updated as CurrentWare settings or company policies change.




    • Related Articles

    • Can I block specific file types from being transferred?

      AccessPatrol gives you the ability to prevent your end-users from copying specific file extensions to their storage devices. Using Block File Extensions to Restrict File Type Transfers Choose the AccessPatrol solution from the left-hand side. Select ...

    • Block websites by categories

      You can block websites based categories with BrowseControl’s frequently updated database of over 100 URL categories using the URL Category Filtering feature. This method is best used to block a large number of websites based on defined categories ...

    • Block Windows applications

      With BrowseControls application blocker, you can prevent .exe files from running on your computers. Using the application blocker, you can block Windows applications such as cloud storage applications, games, and more. How to Block Your Users From ...

    • CurrentWare for Productivity Management

      Effective productivity management is key to maximizing efficiency in today's work environment. This guide will provide links to support articles, samples, best practices, and setup guidance to maximize your CurrentWare deployment for optimizing your ...

    • Watch CurrentWare videos

      CurrentWare Overview A comprehensive overview of CurrentWare’s Employee Monitoring and Endpoint Security Solution for your organization CurrentWare Console & Client Installation Learn how to get started with CurrentWare with the console and client ...