Heh - Good point Judland !
I'll tell you a little story!
For more than 5 years, I was working in a fairly large company, 5000+ users. I was the "lucky" dude that had the responsibility for the antivirus systems and patching on the PCs - amongst a lot of other things.
Was that a nerve-racking job - Yes you bet!
I got pretty paranoid. I believe the most common mistake is the assumption that the "ordinary" users pose the biggest threat.
That is at least my opinion, as most of our viruses, we got from people within the IT department. Especially from developers, especially the .NET ones.

.. don't get me wrong here, I have nothing against developers.
However, at one time a dev, who at that time had admin rights, DISABLED the antivirus program on a fairly large number of users, in order for his crappy application to work.
Incidentally, at the same time, the antivirus program was updated, so it included scanning for malware/spyware. What happened was that a large number of people in the IT department had all sorts of spooky things installed on their PCs even though this was not allowed.
What happened next was that almost all in the IT department got their admin priv taken from them.
Were they pissed - Yes
Were they still able to do their job, without admin rights - YES !
It's my belief that only a handful of people should have admin rights and only use those for administrative tasks (installing software/adding users and so on). If people (users) can't install software they won't...
The problem with "Corporate IT policies" is that most employees don't know that they exist! And those who do don't follow them anyway ...
/iceman