[OPLINTECH] Anti anti-virus?
Jessica D. Dooley
dooleyje at adamscolibrary.org
Wed Jul 20 13:26:33 EDT 2016
Thanks for this post, Laura. +1; I 100% agree. We have run SEP for years, like many libraries, and I plan to leave anti-virus behind entirely in the next months.
I think libraries face a unique challenge, when compared to other types of agencies, in that we are running an essentially free and open network. We invite untrusted users to borrow our equipment, and to bring their own devices to connect to our networks. I’d love to hear from other libraries about what combination of configuration choices you make to secure your endpoints and users against threats and against themselves, as much as possible. What do you like, what have you found effective, and what is a bridge too far? The short version for me includes: no users run as admin, very rapid patching (OS/application), separate network segments for staff/patron/owned devices (physically separate where possible, VLAN where not possible), custom aggressive firewall ruleset (in a pfSense appliance), supporting good web browsing hygiene with plugins (such as uBlock Origin and EFF’s Privacy Badger) and OpenDNS, restricting end user behavior with GPOs, and a comprehensive backup strategy. Educating users about social engineering and credential hygiene is helpful with staff, but obviously not for the entire patron base. Two gold standards I have not addressed: application whitelisting and application sandboxing. Whitelisting, I felt, was too much at odds with the level of service I want to provide patrons. I want them to run anything they need to while using library workstations. I’ve yet to hear of an application sandboxing solution that seemed both cost-effective and successful enough to be worthwhile – any thoughts?
Thanks,
Jessica D. Dooley
IT Specialist
Adams County Public Library
937-587-2085
dooleyje at adamscolibrary.org
From: Laura Solomon [mailto:laura at oplin.ohio.gov]
Sent: Wednesday, July 20, 2016 12:48 PM
To: oplintech at lists.oplin.org
Subject: [OPLINTECH] Anti anti-virus?
This week's OPLIN 4cast might raise some eyebrows, with links to articles like:
* " <https://blog.knowbe4.com/cyberheistnews-vol-6-27-intel-thinks-antivirus-is-s-and-dumps-useless-mcafee> Intel thinks “Antivirus is s#!+” and dumps useless McAfee"
* " <http://www.cbc.ca/news/technology/antivirus-software-1.3668746> Antivirus software is ‘increasingly useless’ and may make your computer less safe"
Read the full post here: http://www.oplin.org/4cast/?p=6096
What do you think?
--
Laura Solomon, MCIW, MLS
Library Services Manager, Ohio Public Library Information Network (OPLIN)
(614) 752-0792 (voice) | (614) 728-5256 (fax)
laura at oplin.org |http://www.oplin.org/ <http://www.oplin.org>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.oplin.org/pipermail/oplintech/attachments/20160720/c9d1760e/attachment-0001.html>
More information about the OPLINTECH
mailing list