Library IT News

Entering content area for Library IT News

blog posts

  • Getting Ahead of the Curve

    How can we get ahead of the curve to prevent our users from causing their own troubles? The solutions are often simple but time consuming processes, multiplied by the number of users. Some of the recent pandemic problems we've encountered that are completely preventable include malware infections and installing software incorrectly.

    Malware infections mostly come from scareware sites that convince people to download and install their antivirus product to get rid of a non-existent problem. The security of information, particularly with people dealing with accounting and HR information, is of great concern for people to be infected with malicious software. There is also AD account information and passwords that could be sniffed out.

    The problem of installing software incorrectly has been time consuming and frustrating. If you'd tried to install Adobe Reader or Adobe Flash within Firefox recently, you're probably aware of what I'm talking about. Adobe has a "distribution manager" software that it uses to install its software now called GetPlus+. It allows a non-administrator user to install the software the first time, but when the next update comes out it requests an admin to login every time Firefox is started.

    What can be done to stop these preventable things from wasting IT's time so that we can work on and respond faster to more pressing matters? What is needed for user education to get us (as an organization) past this?

#1
rslater@illinois.edu Nov 23, 2009 12:22 pm quote
Okay, so I have no idea how implementable or costly this would be, but what about only authorizing the install of files from a particular location (mapped network drive, etc) by any user (admin or regular). Then, users could only install/add vetted software (or even add-ons) to their machines. This is an approach I've recently encountered with my HP mini MI (netbook). It runs a HP flavor of Ubuntu, and they only allow you to install applications from their "authorized" apps list/site (that they maintain). If you want to install non-approved software, you either need to request it be added to the list/site, or "break" the OS to circumvent the restrictions. It has proven moderately annoying on some occasions (they don't have touch-freeze as an app, for instance :P ) but the entire time I kept thinking to myself "Here's a netbook I can buy my parents and have 0 - or far fewer- remote support issues to deal with."
#2
jmhamltn@illinois.edu Nov 24, 2009 1:17 am quote
LifeHacker has an article on "Protecting yourself from drive-by malware" here: http://lifehacker.com/5410941/protect-yourself-from-drive by-browser-malware-attacks But frankly, I think it misses the mark. It negatively affects the browsing experience for security and I highly doubt this is something most of our users would trade for. Most of the configurations are controlled inside of the Firefox profile, which is really not enforceable from our perspective. I think one example of this reaction can be found to the resounding accusations that resulted from McAfee Site Advisor being installed by default with the antivirus. Site Advisor might help address the issue by directing users away from known bad sites, but most often by time a site makes it into a black list, it's already closed up shop and popped up at some other domain. One of my tasks within the next month will be moving all of our systems to the antivirus ePo 4.5 and updating systems to the latest version of the antivirus engine. If this doesn't seem to help the issue, perhaps we should be looking into something like ThreatFire to help subsidize our antivirus? I assume most users would not want to follow all the steps in the LifeHacker article I linked to at the beginning, but perhaps we can create a similar guideline that would allow those users that are willing to, can know and follow our best practices. Just getting most people to do their general browsing (unfortunately some special University sites require IE) in Firefox might save us quite a bit of pain.

additional blog information