At my organization we tackled this as an HR issue versus a security risk. Allowing open access to changing the wallpaper opens the management up to having to police the images someone puts on the desktop. What is acceptable to one is offensive to another. By setting a company standard and enforcing it universally, you can eliminate this potential. It can be a tough fight, but if you get proper management support, it should be accepted. ----- Original Message ---- From: Des Flynn <Des.Flynn@xxxxxxxxx> To: gptalk@xxxxxxxxxxxxx Sent: Friday, June 8, 2007 10:49:52 AM Subject: [gptalk] Desktop Wallpaper Security Risk? Hi: As part of our secured desktops we use GPOs to lockdown the desktops and we prevent users from changing their desktop wallpaper. This helps to ensure a consistent look but the question often comes up “Is allowing users to change their desktop background actually a security risk?” Users want the ability to customize at least this part of their work environment. I’m just not sure what holes this might expose. Any thoughts? Des -------------------------------------------------- Des Flynn System Administrator ITS - User Services, Brock University St. Catharines , Ontario , Canada , L2S 3A1 PH: 905 688-5550 x 4588 -------------------------------------------------- Confidentiality Notice: This e-mail, including any attachments, may contain confidential or privileged information. If you are not the intended recipient, please notify the sender by e-mail and immediately delete this message and its contents. Thank you.