So I have been in this business for a long time as a sysadmin, security guy (IT Ninja) and now I work for Tripwire who sells to these two folks. Everyday, we sell lots of software to lots of folks. And to a person nearly no one buys licenses for the desktop. Why is that? If you think about it IT Ninjas spend nearly all of their time protecting the network, protecting servers and databases and the like. Desktops are an afterthought. If it has a firewall and anti-virus then its all ok.
The problem? The desktop is probably one of the most common endpoints to the internet. This means that all sorts of users regardless of security training or inclination are browsing the net and going lord knows where. The last couple posts I have made have really emphasized the fact that even modern browsers can essentially function as a gateway into your network (or a boarding plank to keep with the pirate theme).
Ryan Naraine writes about Firefox’s latest vulnerability here: http://blogs.zdnet.com/security/?p=3013
I used to use Firefox exclusively, but lately I have gravitated towards Chrome. The IT Ninja may want to do the same. Because as long as the user has unfettered (or slightly fettered) access to the net they will dare to go where they should not go. Oh and by the way… adding an additional layer of security using a product like say…Tripwire…will alert the sysadmin if something ugly gets downloaded to the desktop…
Don’t forget to follow my tweets: http://twitter.com/theorrminator