RM don’t have a damned clue what they’re talking about
Within minutes of logging onto an RM system for the first time, I became frustrated with the fact that on most workstations, any keyboard shortcut using the Windows key had been disabled, even for administrators. Win+R, Win+E, and Win+L are shortcuts I use all the time, so my frustration mounted quickly.
First I was told that Win+x shortcuts were disabled because they are “a security risk”, on the basis that by using Win+R, someone could run programs that aren’t on the Start Menu. There are three flaws in this argument:
- If your workstation security is set correctly, it shouldn’t matter what program they can run. Security through obscurity is a fallacy I do not entertain.
- There are plenty of other ways for someone to start programs that aren’t on the Start Menu.
- You can disable this command using Group Policy for particular users without affecting administrators, or the other benign shortcuts.
Later I found an RM support document (TEC85637 for those with access) that boldly stated that by leaving Win+L enabled, users would be able to lock the workstation and stop other people from using it, even if they were prevented from locking the workstation elsewhere in the UI (i.e. by pressing Ctrl+Alt+Del and clicking ‘Lock Workstation’). When I first read this, I’ll confess I’d never tested such a scenario, but it seemed very unlikely.
So I checked.
It’s utterly false.
RM really don’t have a damned clue what they’re talking about.