[OPLINTECH] Anti anti-virus?

Jessica D. Dooley dooleyje at adamscolibrary.org
Wed Jul 20 13:26:33 EDT 2016 

Thanks for this post, Laura. +1; I 100% agree. We have run SEP for years, like many libraries, and I plan to leave anti-virus behind entirely in the next months. 

 

I think libraries face a unique challenge, when compared to other types of agencies, in that we are running an essentially free and open network. We invite untrusted users to borrow our equipment, and to bring their own devices to connect to our networks. I’d love to hear from other libraries about what combination of configuration choices you make to secure your endpoints and users against threats and against themselves, as much as possible. What do you like, what have you found effective, and what is a bridge too far? The short version for me includes: no users run as admin, very rapid patching (OS/application), separate network segments for staff/patron/owned devices (physically separate where possible, VLAN where not possible), custom aggressive firewall ruleset (in a pfSense appliance), supporting good web browsing hygiene with plugins (such as uBlock Origin and EFF’s Privacy Badger) and OpenDNS, restricting end user behavior with GPOs, and a comprehensive backup strategy. Educating users about social engineering and credential hygiene is helpful with staff, but obviously not for the entire patron base. Two gold standards I have not addressed: application whitelisting and application sandboxing. Whitelisting, I felt, was too much at odds with the level of service I want to provide patrons. I want them to run anything they need to while using library workstations. I’ve yet to hear of an application sandboxing solution that seemed both cost-effective and successful enough to be worthwhile – any thoughts? 

 

Thanks,

 

Jessica D. Dooley

IT Specialist

Adams County Public Library

937-587-2085

dooleyje at adamscolibrary.org

 

From: Laura Solomon [mailto:laura at oplin.ohio.gov] 
Sent: Wednesday, July 20, 2016 12:48 PM
To: oplintech at lists.oplin.org
Subject: [OPLINTECH] Anti anti-virus?

 

This week's OPLIN 4cast might raise some eyebrows, with links to articles like:

 

*	" <https://blog.knowbe4.com/cyberheistnews-vol-6-27-intel-thinks-antivirus-is-s-and-dumps-useless-mcafee> Intel thinks “Antivirus is s#!+” and dumps useless McAfee"
*	" <http://www.cbc.ca/news/technology/antivirus-software-1.3668746> Antivirus software is ‘increasingly useless’ and may make your computer less safe"

Read the full post here:  http://www.oplin.org/4cast/?p=6096

 

What do you think?

 

 

-- 
Laura Solomon, MCIW, MLS
Library Services Manager, Ohio Public Library Information Network (OPLIN)
(614) 752-0792 (voice) | (614) 728-5256 (fax)
laura at oplin.org |http://www.oplin.org/ <http://www.oplin.org> 

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.oplin.org/pipermail/oplintech/attachments/20160720/c9d1760e/attachment-0001.html>

More information about the OPLINTECH mailing list