Any law firm intranet and/or document management system contains confidential documents not meant for general consumption. Any micreant can gain valuable information by simply sitting down at a computer connected to a law firm's network. Accordingly, all workstations on the network should be secured.
This raises an interesting problem for law firm libraries. Often libraries will have computers available for Lexis/Westlaw instruction, online catalog access, and other services. Sometimes these computers are in the line of sight of library staff. Other times they may be tucked into a quiet corner. They're intended to use by the attorneys and staff, but how can we be sure that a vendor, client, opposing counsel, or even the janitor aren't viewing information that they shouldn't?
Library users could be required to log-in, but for someone wanting to simply search the library catalog, booting can be burdensome. Computers for training purposes could be kept off the network, but then network resources such as the library catalog would be unavailable.
Public and academic libraries have been dealing with securing public access PCs for some time. So when I had questions on this topic, I went to Web4Lib.
For the original email and responses, see the Web4Lib Archives.
Below are some of the suggested tools/resources for allowing access to only selected network resources: