On Fri, Mar 15, 2013 at 1:43 PM, David Lum <[email protected]> wrote:
> Do any of you have a documented process to follow if you have a widespread
> virus/malware outbreak? Covers things like what actions what teams take
> identify, mitigate, remediate, etc.

Not now, but once I hire a new guy (I have interviews with 4 candidates next week), I'm going to be working on it.

> Related: How do you take endpoints that show “haven’t reported in 4 days”
> and differentiate between someone on vacation and their system being off,
> vs. a system that’s online but the agent is no longer working? (this applies
> to anything agent-based, actually).

Can I ping it? If not, it's off, and I'm not worried about it. If I can ping it, and can't otherwise control it, there's a problem with the machine, and I'll go correct it. [for whatever value needed for "correct it"]

Kurt
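The ping-then-check triage described in the reply above, as an added PowerShell example that is not part of the original thread. Assumptions: the hostnames are constructed samples, the agent service name is a placeholder, and "can't otherwise control it" is approximated by a remote CIM (WinRM) query for the agent's service.

```powershell
# Added example: triage endpoints whose agent has stopped reporting.
param(
    # Constructed sample hostnames; replace with the stale list from your console.
    [string[]]$ComputerName = @('ws-example-01', 'ws-example-02'),
    # Placeholder: the Windows service name of your endpoint agent.
    [string]$AgentService = 'PLACEHOLDER_AgentServiceName'
)

function Get-StaleEndpointState {
    param([string]$Name, [string]$Service)

    # Step 1: can I ping it? If not, treat it as powered off.
    # Note: a host that drops ICMP at its firewall also lands here.
    if (-not (Test-Connection -ComputerName $Name -Count 2 -Quiet)) {
        return 'NoPing-AssumeOff'
    }

    # Step 2: it answers ping. Can it be managed, and what is the agent doing?
    try {
        $svc = Get-CimInstance -ClassName Win32_Service `
                               -Filter "Name='$Service'" `
                               -ComputerName $Name -ErrorAction Stop
    } catch {
        # Pingable but not manageable: the case that needs hands-on correction.
        return 'Online-Unmanageable'
    }

    if (-not $svc)                 { return 'Online-AgentNotInstalled' }
    if ($svc.State -ne 'Running')  { return 'Online-AgentStopped' }
    return 'Online-AgentRunning-NotReporting'
}

$ComputerName | ForEach-Object {
    [pscustomobject]@{
        ComputerName = $_
        State        = Get-StaleEndpointState -Name $_ -Service $AgentService
    }
} | Sort-Object State, ComputerName | Format-Table -AutoSize
```

Every state other than `NoPing-AssumeOff` is a machine that is up while its agent is silent, so those rows are the follow-up list.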
