Email Attachment Blocking - Best/Standard Practice for DOC files

This week we had an infected email attachment pass through our multiple levels of security (MimeCast in the Cloud + Barracuda Spam/Virus Firewall internally + ESET Endpoint Security installed on each workstation).  

The attachment had a DOC extension with the virus embedded.  The Barracuda actually quarantined it, but the user allowed it out of their quarantine, and ESET didn't stop it from executing because it was such a new variant of the virus.

In an effort to avoid additional infections of this nature, I set our incoming email policy to block all emails with DOC file extensions, knowing I may have some negative feedback from our users who send/receive Word documents.

I'm wondering if it's a common/best practice to block emails with DOC (and DOCX) file attachments, or if I'm being too restrictive.
Chad_J_LemmerAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Wayne88Commented:
It's hard to say.  IMHO, there is no right or wrong.  It's a matter of whether the new policy is acceptable to your environment.  If the users can do without DOC/DOCX then I see nothing wrong with it.  In fact, if a company only wants to accept PDF file it's fine too as long as the management and users are okay with it.

Your users may not like it for the time being but if they can get used to it then the less type of attachments you allow to get through the more secure you are.

That's not to say if they want EXE, BAT files thru then you should allow them just because they're requested but in general DOC/DOCX are allowed.  

That's my two cents.
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
tliottaCommented:
Since file extensions are technically meaningless, are you actually blocking based only on the file extension for DOC/DOCX files?
0
Chad_J_LemmerAuthor Commented:
Correct, I'm blocking any emails with DOC and DOCX attachments since the virus came in as a file with a DOC extension that wasn't really a Word document.
0
younghvCommented:
I've requested that this question be closed as follows:

Accepted answer: 500 points for Wayne88's comment #a40929009

for the following reason:

This question has been classified as abandoned and is closed as part of the Cleanup Program. See the recommendation for more details.
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Exchange

From novice to tech pro — start learning today.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.