Reply to post: Re: Doris in HR

If your org hasn't had a security incident in the last year: Good for you, you're in the minority

Peter2 Silver badge

Re: Doris in HR

And if you assess the user requirements and come to the conclusion that the user only needs the ability to run programs installed by IT, and that random programs downloaded from the internet are quite likely to be unsafe and then remove the ability for the user to execute executable code that is unsigned or not in a trusted location (that the user has no write access to, such as %windows% & %program files% then regardless of how hard the user tries to compromise their PC they can't cause a security breach.

I'm one of the 5% still bemusedly wondering why everybody else insists on training users to not click on links instead of just removing their ability to do anything harmful when a user clicks on a link. Same with .exe files being emailed in; just quarantine them! Delivering them and then relying on users not opening them is idiotic.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon


Biting the hand that feeds IT © 1998–2019