RE: Malware. Do you have ways in place to survive ransomware? Perhaps backups good to the last hour, with nearly immediate restores?
Can you prevent exfiltration of critical data? Do you have means to prevent harvesting of credentials, leading to subversion or even destruction of your infrastructure? I agree with both Micheal and Don - this is a disaster waiting to happen, and it's time to look for a new position. Or, you could take the *really* optimistic view, and view it as an opportunity for a red team engagement from a 3rd party, with a written evaluation afterward. - and hope it's not an unpaid, volunteer effort from a developing nation without the evaluation. Kurt. On Wed, Dec 7, 2016 at 8:24 PM, Kish N Kepi <[email protected]> wrote: > We keep a lax environment – our users are local admins on their Windows > laptops and we not stop them from installing any software they want – the > only caveat I ever say is ‘don’t be stupid’. And yes, we are a hi-tech > house, well beyond the startup stage. > > > > During a conversation about potential changes to the way we do backups > today, I stated that the current back up routine specifically excludes most > media files, and also that I’d used psexec to kill utorrent processes. My > boss, who is actually quite knowledgeable in IT matters, had a response > surprised me: why? Why not backup the media files? Why not allow torrent > traffic? His points were as follows: > > 1. We give them laptops and smartphones and expect them to be available > at all hours of the day – that’s convergence of home and office life – why > shouldn’t we backup the photos of their kids, pets and vacations too? > > 2. Do we have bandwidth issues? We have a broad link to the internet > and only at periodic peaks do we hit anywhere near our limit > > 3. Legality of torrents? Really? How many people care about the > legality? > > 4. Malware? We have other protections in place. > > > > I couldn’t come up with any answers that sounded reasonable to me, so at > this stage, we’re planning increase our backup storage capacity. > > > > Does anyone here have answers that I lack? Sorry for cross-posting, but I > this question is bothering me, and I know that many people in this for a > have strong, well-formed (and well-expressed) opinions > > > > Kish n Kepi
