Letter #5: Hackers will always go after the "big dog"
PC and Network Support
The National Arbor Day Foundation
Environment: Microsoft shop with Windows 2000 and XP Professional machines in an Active Directory environment.
Internet Explorer or Firefox: Internet Explorer
Why IE: Internet Explorer is our organization's default browser. We lock down the user desktops to prevent them from installing unauthorized applications so Firefox has not been used, except for those in our Web Development area, and of course, by some of our IT staff. We actively keep our PC's patched and regularly updated, and we constantly scan for viruses. We do what is necessary to keep the "bad guys" out short of totally locking everything down and allowing no access -- either in or out -- at all.
Setting this up in the beginning took some work, but now that it has been in place for quite some time, we find that this approach not only frees us up to explore other areas of network computing, but it has drastically reduced the number of instances of malware infestations that require drastic and time-consuming workarounds.
Firefox as a future attack target: Personally, I like Firefox. Of course I also like IE, the MAC OS, Linux and Windows. Each has its strong points and features thet help you accomplish what you want to do. But no matter how tight your code is, there will be some weakness that allows someone to expoit it and use it for his own purpose -- nothing is 100% fool-proof.
The bigger the dog the more people will go after it trying to find these weaknesses. Right now, IE is the target because Microsoft is the "Big Dog." If Firefox continues to gain market share and become a prominent player, then it too will begin to be attacked as much as IE is now.
How to enforce safe browsing: Our IT personnel constantly educates our users in the art of safe computing using a variety of methods ranging from formal training sessions to one-on-one conversations discussing what to do and not do, what to look for and how to protect yourself whether you are in front of a computer at work or home, and encourages them to be proactive in their approach.
For more letters to the editor, click for the complete series.