Locking Down Steam

[tkdkel]

Steam has been another large problem for us due to it having garbage security. It likes to bypass the need for an admin password when people download games, leading to people being able to download or remove whatever games they feel like. I've looked into this a bit and the only suggestion I've seen that actually works has been AppLocker.

[tkdkel]

Tasks

• [x] Install AppLocker on one of the computers
• [x] Test it on Steam downloads
  • [x] See how it would affect other functions and if there would be any issues with it
  • [x] See if it can properly block people from downloading games without the admin password

[tkdkel]

Due to the way Steam runs and how complex AppLocker rules can get, it's unlikely that using AppLocker would be the best solution. If I even found it to be confusing with thorough documentation, I don't think it's the best idea to try to hand off management of AppLocker to other managers once we graduate. While we have some cybersecurity majors who can take on the project once we leave, it's still very complex and the rules need to constantly be regulated and updated. I don't want there to be any issues around this, so I will likely be increasing User Account Control settings and adding a GPO to prohibit software installations. This may not block Steam, but combined with UAC settings, it should be able to stop Steam from overriding the admin pass.