A credit union recently enlisted a security company to try to compromise the credit union’s computers. The security company successfully infiltrated the computers, starting its attack by scattering USB thumb drives around the credit union’s parking and smoking areas. Each USB thumb drive contained a Trojan horse executable. Credit union employees found most of the thumb drives, attached them to credit union workstations, then ran the Trojan horse executable. Unless you’re sure that your organization’s employees or members would never execute a file they found on a discarded thumb drive, you might want to give software restriction policies (SRPs) a closer look.
SRPs are a Group Policy feature that you can use to restrict application execution on Windows Vista, Windows Server 2003, and Windows XP computers. You can think of SRPs as similar to a set of firewall rules. You can configure SRPs to allow or deny the execution of specific applications. Then, you can configure a more general rule to allow or deny the execution of applications not covered by the specific rules. So, for example, you can configure a general rule to allow everything, while creating a rule to ban sol.exe (solitaire.exe on Vista). Or, you can begin by banning everything, then allow only applications for which you’ve created an SRP rule. . . .
)
)
Register
khalboos February 14, 2007 (Article Rating: