Re: Again.. How many people turn their machine off?
This policy arose from an incident where an executive left his machine on, and it was infected with malware. Those behind the attack had the whole weekend to surf our internal network.
We have 24/7 monitoring of the network and systems logs via two layers of monitoring. And a host-based IPS system. And 24/7 on-call staff to respond to any incident.
The few times I saw a network pwned, it was due to a system administrator not following policy and either not performing the proper baseline configuration or using found USB mass storage devices on the servers, and, due to the misconfiguration, autorun installed the malware.
They received punishing paid overtime and were named company heroes for working all of that overtime to fix what they fouled up. Until they promptly reinfected everything, precisely the same way in which they did the first time. The DoD was not amused that time.