Should Colleges Monitor Students' PCs?

dancedance asks: "I am a CS student at a small Liberal Arts college. Like most academic institutions, we have to deal with worm-infested computers being brought into the network from the outside. In the past the school's response has been to require all windows computers to install the virus software provided by the school. Although this helped protect the network, it was certainly not a complete solution, especially at the beginning of the school year. This year computing services is taking a more proactive approach to network security: it is requiring all Windows-based computers to install software which will allow the school to automatically update virus software, apply windows patches, install software 'deemed necessary' for network security, and 'report on the status of your computer'. This seems like a 'one step foreword, two steps backward,' approach to network safety as I fear that, under this system, a malicious user would only have to break into one central system to wreak havoc on the entire network. Are my concerns about this system well founded, or is this less of a problem than I make it out to be? Are similar policies getting implemented at other academic institutions?"

Use a virtual machine

[Natales]

Provide a licence of VMWare Workstation 4.5.2 to each student + one virtual machine with all the required School security. The virtual machine will be controlled, privided and mainained by the school. Access will be controlled and allowed only using the specific VM, that can be configured to be read-only, and expiring. The student still can do whatever they want with their laptop, even run Linux if they want, but the access to the school will be uniform and totally controlled.