Quote:
Originally Posted by rwest
I got to think at some point large companies will just go off the Internet for internal business- maybe separate computers one with company software and records, the other for working with the outside world.
Security is always a trade off between security, cost, function and practicality.
Going off the internet, for better or for worse, might have worked for this worm.
But for other viruses, it would not.
This worm only propagated over the network after somebody inside clicked it.
Hence the back end computers for the most part stayed online and very few servers got encrypted.
But if you go offline completely, and close off the internet completely,
for one thing, your employees will lose the ability to look up things online.
For better or for worse, it has a business use, and also helps for morale.
Take that away, and you probably will have people come up with USB sticks, to have some music to play or take work home in the evening.
And yes, you can lock that down as well, if you really want to. But all that locking down comes at a cost for IT management. And these days companies see IT as a cost, not something to get ROI on.
Or the virus will come in via laptops, smartphones, you name it... there is always a way. The only safe PC is one without a network card and without any kind of other connections (wifi, floppy, USB, bluetooth).
But that PC will automatically be very, very limited in functionality.
For the most part companies are quite safe, if they run a good antivirus, have a good firewall and have workstations that are up to date on the latest patches.
That's where this one got through: those infected by the worm, for the most part, were running XP or embedded XP, which is out of support and did not have a patch for this vulnerability yet (MS did bring one out now for the occasion).
So if you run old crap on your production PCs, and the OS is unsupported, no longer being updated for known vulnerabilities, then really you are to blame if you get infected.