New poll - How is your organization dealing with Windows executables?

Comments

roughly 900 employees... for all files, scheduled "on demand" and "on access" scans by a/v on clients and servers

email with attachments are scanned with same a/v vendor at the email gateway

fwiw
Blocked, across the board :-) No exe files can be downloaded from the net or sent/received via email. This is not just our own rule but what we recommend to customers too. There are 'allow' lists to that such as MS for patches etc but that is limited to a small number of servers only. Should there be the need for any introduction of exe files then they would be examined and scanned by 3 different vendors prior to be allowed on the system. In some cases we have also rolled out application white listing too just as an extra measure should our customers need it, sounds harsh but the number of times doing this has saved an expensive clean up makes it more than worth it.

Diary Archives