<html xmlns:v="urn:schemas-microsoft-com:vml" xmlns:o="urn:schemas-microsoft-com:office:office" xmlns:w="urn:schemas-microsoft-com:office:word" xmlns:m="http://schemas.microsoft.com/office/2004/12/omml" xmlns="http://www.w3.org/TR/REC-html40"><head><meta http-equiv=Content-Type content="text/html; charset=utf-8"><meta name=Generator content="Microsoft Word 14 (filtered medium)"><style><!--
/* Font Definitions */
@font-face
        {font-family:Wingdings;
        panose-1:5 0 0 0 0 0 0 0 0 0;}
@font-face
        {font-family:"Cambria Math";
        panose-1:2 4 5 3 5 4 6 3 2 4;}
@font-face
        {font-family:Calibri;
        panose-1:2 15 5 2 2 2 4 3 2 4;}
@font-face
        {font-family:Tahoma;
        panose-1:2 11 6 4 3 5 4 4 2 4;}
@font-face
        {font-family:"Open Sans";
        panose-1:2 11 6 6 3 5 4 2 2 4;}
/* Style Definitions */
p.MsoNormal, li.MsoNormal, div.MsoNormal
        {margin:0in;
        margin-bottom:.0001pt;
        font-size:12.0pt;
        font-family:"Times New Roman","serif";}
a:link, span.MsoHyperlink
        {mso-style-priority:99;
        color:blue;
        text-decoration:underline;}
a:visited, span.MsoHyperlinkFollowed
        {mso-style-priority:99;
        color:purple;
        text-decoration:underline;}
span.EmailStyle17
        {mso-style-type:personal-reply;
        font-family:"Calibri","sans-serif";
        color:#1F497D;}
.MsoChpDefault
        {mso-style-type:export-only;
        font-family:"Calibri","sans-serif";}
@page WordSection1
        {size:8.5in 11.0in;
        margin:1.0in 1.0in 1.0in 1.0in;}
div.WordSection1
        {page:WordSection1;}
/* List Definitions */
@list l0
        {mso-list-id:1487741352;
        mso-list-template-ids:-1080649560;}
@list l0:level1
        {mso-level-number-format:bullet;
        mso-level-text:;
        mso-level-tab-stop:.5in;
        mso-level-number-position:left;
        text-indent:-.25in;
        mso-ansi-font-size:10.0pt;
        font-family:Symbol;}
@list l0:level2
        {mso-level-number-format:bullet;
        mso-level-text:o;
        mso-level-tab-stop:1.0in;
        mso-level-number-position:left;
        text-indent:-.25in;
        mso-ansi-font-size:10.0pt;
        font-family:"Courier New";
        mso-bidi-font-family:"Times New Roman";}
@list l0:level3
        {mso-level-number-format:bullet;
        mso-level-text:;
        mso-level-tab-stop:1.5in;
        mso-level-number-position:left;
        text-indent:-.25in;
        mso-ansi-font-size:10.0pt;
        font-family:Wingdings;}
@list l0:level4
        {mso-level-number-format:bullet;
        mso-level-text:;
        mso-level-tab-stop:2.0in;
        mso-level-number-position:left;
        text-indent:-.25in;
        mso-ansi-font-size:10.0pt;
        font-family:Wingdings;}
@list l0:level5
        {mso-level-number-format:bullet;
        mso-level-text:;
        mso-level-tab-stop:2.5in;
        mso-level-number-position:left;
        text-indent:-.25in;
        mso-ansi-font-size:10.0pt;
        font-family:Wingdings;}
@list l0:level6
        {mso-level-number-format:bullet;
        mso-level-text:;
        mso-level-tab-stop:3.0in;
        mso-level-number-position:left;
        text-indent:-.25in;
        mso-ansi-font-size:10.0pt;
        font-family:Wingdings;}
@list l0:level7
        {mso-level-number-format:bullet;
        mso-level-text:;
        mso-level-tab-stop:3.5in;
        mso-level-number-position:left;
        text-indent:-.25in;
        mso-ansi-font-size:10.0pt;
        font-family:Wingdings;}
@list l0:level8
        {mso-level-number-format:bullet;
        mso-level-text:;
        mso-level-tab-stop:4.0in;
        mso-level-number-position:left;
        text-indent:-.25in;
        mso-ansi-font-size:10.0pt;
        font-family:Wingdings;}
@list l0:level9
        {mso-level-number-format:bullet;
        mso-level-text:;
        mso-level-tab-stop:4.5in;
        mso-level-number-position:left;
        text-indent:-.25in;
        mso-ansi-font-size:10.0pt;
        font-family:Wingdings;}
ol
        {margin-bottom:0in;}
ul
        {margin-bottom:0in;}
--></style><!--[if gte mso 9]><xml>
<o:shapedefaults v:ext="edit" spidmax="1026" />
</xml><![endif]--><!--[if gte mso 9]><xml>
<o:shapelayout v:ext="edit">
<o:idmap v:ext="edit" data="1" />
</o:shapelayout></xml><![endif]--></head><body lang=EN-US link=blue vlink=purple><div class=WordSection1><p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'>Thanks for this post, Laura. +1; I 100% agree. We have run SEP for years, like many libraries, and I plan to leave anti-virus behind entirely in the next months. <o:p></o:p></span></p><p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'><o:p> </o:p></span></p><p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'>I think libraries face a unique challenge, when compared to other types of agencies, in that we are running an essentially free and open network. We invite untrusted users to borrow our equipment, and to bring their own devices to connect to our networks. I’d love to hear from other libraries about what combination of configuration choices you make to secure your endpoints and users against threats and against themselves, as much as possible. What do you like, what have you found effective, and what is a bridge too far? The short version for me includes: no users run as admin, very rapid patching (OS/application), separate network segments for staff/patron/owned devices (physically separate where possible, VLAN where not possible), custom aggressive firewall ruleset (in a pfSense appliance), supporting good web browsing hygiene with plugins (such as uBlock Origin and EFF’s Privacy Badger) and OpenDNS, restricting end user behavior with GPOs, and a comprehensive backup strategy. Educating users about social engineering and credential hygiene is helpful with staff, but obviously not for the entire patron base. Two gold standards I have not addressed: application whitelisting and application sandboxing. Whitelisting, I felt, was too much at odds with the level of service I want to provide patrons. I want them to run anything they need to while using library workstations. I’ve yet to hear of an application sandboxing solution that seemed both cost-effective and successful enough to be worthwhile – any thoughts? <o:p></o:p></span></p><p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'><o:p> </o:p></span></p><p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'>Thanks,<o:p></o:p></span></p><p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'><o:p> </o:p></span></p><p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'>Jessica D. Dooley<o:p></o:p></span></p><p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'>IT Specialist<o:p></o:p></span></p><p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'>Adams County Public Library<o:p></o:p></span></p><p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'>937-587-2085<o:p></o:p></span></p><p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'>dooleyje@adamscolibrary.org<o:p></o:p></span></p><p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'><o:p> </o:p></span></p><p class=MsoNormal><b><span style='font-size:10.0pt;font-family:"Tahoma","sans-serif"'>From:</span></b><span style='font-size:10.0pt;font-family:"Tahoma","sans-serif"'> Laura Solomon [mailto:laura@oplin.ohio.gov] <br><b>Sent:</b> Wednesday, July 20, 2016 12:48 PM<br><b>To:</b> oplintech@lists.oplin.org<br><b>Subject:</b> [OPLINTECH] Anti anti-virus?<o:p></o:p></span></p><p class=MsoNormal><o:p> </o:p></p><div><p class=MsoNormal>This week's OPLIN 4cast might raise some eyebrows, with links to articles like:<o:p></o:p></p><div><p class=MsoNormal><o:p> </o:p></p></div><div><ul type=disc><li class=MsoNormal style='mso-margin-top-alt:auto;mso-margin-bottom-alt:auto;mso-list:l0 level1 lfo1'>"<a href="https://blog.knowbe4.com/cyberheistnews-vol-6-27-intel-thinks-antivirus-is-s-and-dumps-useless-mcafee"><span style='font-family:"Open Sans","sans-serif";color:#3A3A3A;text-decoration:none'>Intel thinks “Antivirus is s#!+” and dumps useless McAfee</span></a><span style='font-family:"Open Sans","sans-serif";color:#666666'>"</span><o:p></o:p></li><li class=MsoNormal style='mso-margin-top-alt:auto;mso-margin-bottom-alt:auto;mso-list:l0 level1 lfo1'><span style='font-family:"Open Sans","sans-serif";color:#666666'>"<a href="http://www.cbc.ca/news/technology/antivirus-software-1.3668746"><span style='color:#3A3A3A;text-decoration:none'>Antivirus software is ‘increasingly useless’ and may make your computer less safe</span></a>"</span><o:p></o:p></li></ul><div><p class=MsoNormal><b><span style='font-family:"Open Sans","sans-serif";color:#666666'>Read the full post here</span></b><span style='font-family:"Open Sans","sans-serif";color:#666666'>:  <a href="http://www.oplin.org/4cast/?p=6096">http://www.oplin.org/4cast/?p=6096</a></span><o:p></o:p></p></div><div><p class=MsoNormal><o:p> </o:p></p></div><div><p class=MsoNormal><span style='font-family:"Open Sans","sans-serif";color:#666666'>What do <i>you</i> think?</span><o:p></o:p></p></div><div><p class=MsoNormal><o:p> </o:p></p></div><div><p class=MsoNormal><o:p> </o:p></p></div><div><div><div><p class=MsoNormal>-- <br><b>Laura Solomon, MCIW, MLS</b><br><i>Library Services Manager,</i> Ohio Public Library Information Network (OPLIN)<br>(614) 752-0792 (voice) | (614) 728-5256 (fax)<br><a href="mailto:laura@oplin.org" target="_blank">laura@oplin.org</a> |<a href="http://www.oplin.org" target="_blank">http://www.oplin.org/</a><o:p></o:p></p></div></div></div></div></div></div></body></html>