mtg followup - laptops

Danny Howard dannyman at toldme.com
Tue Nov 22 19:37:29 PST 2005


If you make assumptions that all the hosts on your network are "clean"
you are making a mistake.

Even in a small organization, you have ... how many platforms?  How many
versions of Windows?  How many versions of Unix?  How many versions of
printers, fax machines, etc?  And you have expertise at securing all of
those?

Put your NFS and insecure auth mechanisms on a "trusted" network, and
assume a lower degree of trust outside of that network, and keep all of
that behind a firewall. :)  And of course, make the modest investment in
anti-virus on the clients ... MacAfee ASAP works awfully well for me, in
that you buy a three-license subscription, and its good for any number
of clients, the clients update their profiles automatically, without
the Norton "can I update?  Can I connect to the Internet?  Can I do a
DNS lookup?  Hey, can I download each of these seven updates?" model ...

Er, anyway, nevermind me ... the wife is gone so I have to drink my
dinner beer alone.

But, anyway, even if you're a paranoid fascist with your desktop OS,
your people are still going to take their laptops home, download porn,
and get viruses, that destroy things.  The porn is kind of funny, but
the viruses are not.  They suck for the user and they suck when you ask
yourself "Why didn't IT help protect me?"

http://www.theonion.com/content/node/42823  --  hilarious because its
true. :)

-danny

-- 
http://dannyman.toldme.com/



More information about the Baylisa mailing list