
Features versus Security versus User Education


  • To: NTBUGTRAQLISTSERV.NTBUGTRAQ.COM
  • Subject: Features versus Security versus User Education
  • From: "Smith, Brian" <BrianSAMGEN.COM>
  • Date: Tue, 30 Mar 1999 10:38:37 -0800
  • Approved-By: Russ.CooperRC.ON.CA
  • Reply-To: "Smith, Brian" <BrianSAMGEN.COM>
  • Sender: Windows NT BugTraq Mailing List <NTBUGTRAQLISTSERV.NTBUGTRAQ.COM>

I'd like to comment on Martin Buck's email in which he wrote:

"It seems to me that - in the corporate world, at least - the solution would
be better screening at the gateway/firewall level. While it might make for
a horrendously complicated bit of software, and while it might introduce
delays on inbound mail, I'd have thought it should be possible to have an
email screening program that spots embedded macros within inbound
documents, removes them and appends them to the docs as plain text."

I agree. I realize that ntbugtraq is not an advertisement forum and for that
reason and because of weird policies here at Amgen I won't mention the exact
product name but at Amgen we have a scanning package on our servers that
caught Melissa, stripped the virus code and sent a message to both sender
and recipient that warned of the virus. It is, IMHO, akin to parents
and the internet. Instead of saying "no offensive material on the internet",
which is not reasonable, we say "send what you want as long as I can throw
up 'net-nanny' (or whatever) to protect my children". By the same token it
seems simpler and more effective to me to put our energies into the
anti-virus filters and education of the user community than trying to limit
code and functionality. Yes, keeping filters updated is hard work but so is
constantly changing and limiting what xml, java, vba, etc. can do.

Brian F Smith (briansamgen.com)
Amgen, Inc.
Customer Service & Support - Information Management