Dilan77
asked on
Securing Client PC's
Hi
We will shortly be moving to an web-banking application in our office, and I'd like to make sure our PC's are as secure as possible. The application itself is secure (SSL, secure authentication methods etc), however I'm interested in people's views on the client machines themselves. We run anti-virus software and a PIX Firewall, but is Spyware a threat? For the moment, we run Ad-Aware on each PC every couple of weeks or so, but is there any application that can stop Spyware in real time? Or any other recommendation against keyloggers etc?
Many thanks in advance...
We will shortly be moving to an web-banking application in our office, and I'd like to make sure our PC's are as secure as possible. The application itself is secure (SSL, secure authentication methods etc), however I'm interested in people's views on the client machines themselves. We run anti-virus software and a PIX Firewall, but is Spyware a threat? For the moment, we run Ad-Aware on each PC every couple of weeks or so, but is there any application that can stop Spyware in real time? Or any other recommendation against keyloggers etc?
Many thanks in advance...
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
I just thought of a few more things...
If you are interested in detecting some wireless devices, you can hook a laptop up and install netstumbler on it (free). http://www.netstumbler.com/
Also, with Snort you can combine it with VLAN's on your network to instantly move infected machines to a quarantine VLAN. I think it's an interesting idea that I once read about in a few articles. I can't find the actual articles, but here's a brief one that mentions it:
http://www.networkworld.com/news/2004/0614switchsecurity.html
If you are interested in detecting some wireless devices, you can hook a laptop up and install netstumbler on it (free). http://www.netstumbler.com/
Also, with Snort you can combine it with VLAN's on your network to instantly move infected machines to a quarantine VLAN. I think it's an interesting idea that I once read about in a few articles. I can't find the actual articles, but here's a brief one that mentions it:
http://www.networkworld.com/news/2004/0614switchsecurity.html
1.install green border on the PC for internet surfing virtual browser (Reset the browser any spyware kept in virtual session)
2.Barracuda networks web filter (Anti spyware and drive by spyware)
3.counterspy from sunbelt software (Spyware)
4.Pandagate or anti virus in transparant mode in front of server
5.Kerio firewall on all PC
6.Firewall with basic IDP in line
7.image all PCs and server with acroncis for fallback
8.rebuild the PCs that are having the banking software to ensure nothing on them to start or online scan using counterspy online and panda activescan
2.Barracuda networks web filter (Anti spyware and drive by spyware)
3.counterspy from sunbelt software (Spyware)
4.Pandagate or anti virus in transparant mode in front of server
5.Kerio firewall on all PC
6.Firewall with basic IDP in line
7.image all PCs and server with acroncis for fallback
8.rebuild the PCs that are having the banking software to ensure nothing on them to start or online scan using counterspy online and panda activescan
Addressing AV and Spyware alone is not going to be sufficient - if you're running a business-critical banking application, then there's a hell of a lot more you need to do - everything from physical security through to security policies and procedures need to be addressed.
Are you processing credit cards or confidential information? Has the web app been pen tested?
Are you processing credit cards or confidential information? Has the web app been pen tested?
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Thanks everyone, I'm going through the various apps now and will provide feedback soon.
The web app has been pen tested and we won't be handling credit cards. It's a system whereby we can make payments to the bank...no confidential information as such is transmitted across the internet, the bank knows what to do with the info from the codes we put in. To anyone else, these codes don't mean anything.
Appreciate the help...
The web app has been pen tested and we won't be handling credit cards. It's a system whereby we can make payments to the bank...no confidential information as such is transmitted across the internet, the bank knows what to do with the info from the codes we put in. To anyone else, these codes don't mean anything.
Appreciate the help...
ASKER
Thanks all...Ad-Aware and Spybot combination, along with Least User Privelege, and a SNORT IDS system seem like what we're going to implement shorlty.
Thanks Dilan77.
If you do implement LUP, you honestly won't need the Anti-Spyware tools, my wife hasn't had any spyware on her pc in years since I switched her, same with our PC's at work, 3000+ users with no more spyware, and we do scan for it just to be safe, which is also what you should do, so I'll remove my foot from my mouth shortly...
-rich
-rich
ASKER
lol :)
>>but is there any application that can stop Spyware in real time?
Spy Sweeper will protect your computers from spyware in real time. It is considered the best at catching spyware.
http://mysite.webroot.com/forms/Infoworld
>> Or any other recommendation against keyloggers etc?
No one antispyware catches all spyware. You can run more than one antispyware tool on your computer. You can use SpySweeper and Adaware.
To prevent spyware, do not visit any porn or ad websites. Do not click on any links or open attachments in emails that you do know.
Best wishes!