2 Replies Latest reply on Jul 10, 2015 5:13 AM by silverbacksays

    Never, Ever Installed Antivirus, Never, Ever Will.

    sevier.toby

      Most AV will destroy Windows over time more so than any virus ever could.  Got cryptolocker?  Do your clients?  Your not securing the profile and the AV will not stop it.  When I proactively protect the network it's seen as a waste of time?  Why is this common sense approach not common sense to so many?  Let's talk.

       

      One of my favorite but by far the most unappealing approach I use is run XP SP3 in SafeMode w/ Networking inside a VM using Chrome.  Still take a snap just in the event China or Russia defeat it, we can roll back.  For W7 / W8.1 - re-install every 30 days (sometime rearm if lazy), never activate newer OSs, all inside restricted snapped VMs running with non-administrator user accounts.

        • Re: Never, Ever Installed Antivirus, Never, Ever Will.
          sevier.toby

          I need some tips for tightening these methods even more because even at these levels it's not good enough and are legacy.  Does anyone do this or offer any additional steps to insulate/iron-clad a weak OS? 

            • Re: Never, Ever Installed Antivirus, Never, Ever Will.
              silverbacksays

              If a high secure, but flexible approach is needed I'd look at some kind of DaaS solution, with the hosts inside a protected private network or private cloud, using secure encrypted links between terminals and the infrastructure (with two factor authentication to get log on). Using a VDI approach means you can spin up desktops from gold builds each time a user logs on, and only have persistence of critical files, which are stored, filtered and scanned centrally.

               

              Couple this with using a proxy w/ whitelists for all internet communications where absolutely essential (block internet access otherwise) and you can be fairly happy you're safe.

               

              Depends on the sector your working in, natch.