RE: the boss checked my computer history and saw AF
April 24, 2016 at 12:39 am
(This post was last modified: April 24, 2016 at 12:39 am by Tiberius.)
(April 24, 2016 at 12:19 am)Aractus Wrote: And as I mentioned, clearly, in my post, there are clear limitations to what company polices can specify. They could specify that you cannot use work computers for person reasons at any time - however they would need (at least in most jurisdictions) to have a valid reason to justify the policy.
Right, and security is a perfectly valid reason to justify that policy.
Quote:That's not going to make a significant difference to the risk of Malware. Heck when you're googling your way through researching your clients and whatever else you need to do, you'll be far more likely to hit a website that you've never visited that has been compromised, compared to relatively safe sites that you frequent like this one. Many small business websites are far easier to hack than well set-up forums. And in fact I've seen them hacked many times before.
The point is, if you restrict employees to a subset of sites, trusted sites for instance, you limit the chance of an employee visiting a malware infested site. Whether it makes a significant difference really depends on what sites the employee is browsing. If they are visiting dodgy sites, the risk increases. Sure, atheistforums.org isn't a risky site for that, but company policies aren't designed with us in mind, they are designed for the worst case scenario.
Quote:There's plenty stopping you from doing that. Number 1. the company does not install flash, and sets up a group policy blocking flash from being installed. Number 2. the company does not install adobe reader, and instead uses an alternative. Number 3. Keeps windows security up to date. Number 4. has anti-virus installed. Number 5. Improves the security of FireFox and Chrome by adding certain extensions - especially uBlockO.
There are plenty of ways around all of those things you mentioned. Flash / Adobe Reader aren't required for browser exploits to work. Windows security is a joke. Anti-virus is largely a joke when it comes to targeted attacks. uBlock blocks adverts, not malware.
I do this sort of thing for a living. I know what I'm talking about.