"Due to the higher frequency we are seeing in word and excel macro based trojans, malware and viruses coming into our inboxes ..."

Is this true for you and/or your company?

I have not heard any such thing until our company added a policy, and now I must enable macros like 50 times a day...

UGH!!!
LVL 22
Anne TroyEast Coast ManagerAsked:
Who is Participating?
 
JohnBusiness Consultant (Owner)Commented:
No, not true for us.

You need to get top notch spam filtering software or service and keep the spam out of your inboxes. An external spam service is the best way to get rid of this stuff.
0
 
Steven HarrisPresidentCommented:
Although macros can be abused, I have not seen anything to suggest that this is a viable way to introduce trojans, viruses, etc. I agree with John on the external service, but also take into account that common sense is still the best option for any company, meaning having users delete emails with attachments  they are not expecting among other practices.
0
 
Danny ChildIT ManagerCommented:
The days of a VB-based virus are far behind us, as the malicious code is very easy to spot, and hard to make polymorphic (ie self-changing).  If your perimeter defences are good (email scanning etc), I'd say macro protection at the desktop is unnecessary.

IMHO, turning off macros gives a false sense of security.  All the dubious attachments that come into us are HTML based, or EXE.

The only exception I would make is if you're in, say, an educational establishment, where the "insider threat" is much greater, and where students will like to get involved in pranking...
0
Cloud Class® Course: MCSA MCSE Windows Server 2012

This course teaches how to install and configure Windows Server 2012 R2.  It is the first step on your path to becoming a Microsoft Certified Solutions Expert (MCSE).

 
ThomasMcA2Commented:
There is always a balancing act between security and convenience. Want secure logins? Create long passwords, which will be secure but inconvenient. And make every login have a unique password. Again, secure but inconvenient.

The same is true for macros. They can be used maliciously, and they can launch automatically. It is safer to disable that automatic launch capability. I do this by choice, because I prefer safety over convenience. I do that for the same reason I use long passwords.

@Steven, what you consider to be common sense is really "technical awareness" which everyone does not have. Basing a security system on "common sense" is as risky as "security by obscurity."
0
 
Danny ChildIT ManagerCommented:
I'd also add, that allowing macros to be run on demand is not much of an effective defence - unless you have some effective screening of the macro code first.  And, if you did, why block the macros?
0
 
Steven HarrisPresidentCommented:
Thomas, good points; however, rest assured I was not suggesting to base their security on common sense or technical awareness alone.
0
 
Anne TroyEast Coast ManagerAuthor Commented:
Thanks so much everyone!
0
 
JohnBusiness Consultant (Owner)Commented:
@Dreamboat  - You are very welcome and I was happy to help
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.