Monday, March 12, 2007

Need More Sleep, Turn Off the Anti-Virus

Via BBC -

For a long time anti-virus software has been in the front line when it comes to stopping malicious programs infecting PCs.

But as the creators of viruses and other malicious programs adapt their methods to exploit the weaknesses of anti-virus software, some are looking to other methods to help them stay safe.

One such is Brent Rickels, the one-man IT department for the First National Bank of Bosque County in Texas, who has thrown out his anti-virus software and has a much quieter life as a result.

"I just wanted to be able to sleep at night," he said explaining the decision to stop using anti-virus.

"There had to be something better by now," Mr Rickels told the BBC News website. "Anti-virus is such a reactive model."

"The bad guys out there have copies of Symantec and Trend Micro and all of the anti-virus software and are using it to develop their stuff on and get their stuff past it," he said.

As its front line of defence the bank uses a so-called whitelist system that only lets a few programs run on every PC that bank staff use. Everything else, including viruses or malicious programs that try to strike via websites, is shut down before it can get a hold.

The bank has also imposed a 20 minute per day limit on the time staff can spend looking at non-work related websites.

"It seemed kind of restrictive at first but almost no one bumps up against it," said Mr Rickels.

Using the whitelist system, which the bank got from security firm Secure Wave, has stopped people falling victim to all kinds of malicious programs.

---------------------------------------

I have to say that I don't agree with Mr. Rickels on this issue.

Filtering users on the internet inside a corporation is a smart thing to do and it works...but it isn't the silver bullet. I agree that professional malware creators do customize their creations to bypass standard AV and yes AV is almost totally a reactive defense.

But an automatic counter-reaction is better than just turning a blind eye to the issue.

I wonder if he leaves all his house doors unlocked, since they can be easily picked, or if he leaves his car keys in the car...since it can easily be hot-wired. A home alarm system is totally reactive as well...but that doesn't make it useless.

I wonder how many laptops this bank has...and how does Mr. Rickels expect to stop those users from connecting to the internet and getting a virus...which then would be set loose inside of the bank the next morning.

Well, I guess he wouldn't know...since he doesn't run anti-virus.

IMHO, this might work for a small place that has 10 desktops, but with mobile users...I think this is just silly and dangerous.
