Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 7 replies
  • Subscribers 1 subscriber
  • Views 20921 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

How to Block Flash embedded Excel files

SysTech

By using SEC i have blocked all games from being played on our workers computers, yet now they have started sharing out excel files with games embedded in them, and the AV clients don't pick them up. 

Is there anyway using App control or Data control i can block excel spreadsheets with flash games embedded in them?

:764


This thread was automatically locked due to age.
Parents
  • 0

    Agreed - application control was very tempting when I first saw it. But I think it can help only so far: once people find out that they are restrained they'll search for ways to bypass these restraints - unless there are other more "terrible" consequences looming. Else it's just a meta-game. If people want to fritter away company time they'll always find themselves some means.

    Using application control since it's available we are still running it in detect-only mode. The major reason is that it is still all-or-nothing. You can detect applications and allow some but block the others. It's on my wish-list for quite some time (I've already commented on it during on of the betas): it should be possible to apply the detect_only/block decision on a per-application (or application group) basis. Thus an application should have three possible states: authorized/detected/blocked.

    If this were available we'd certainly block a number of applications. Reports show that misuse (or abuse) is a lot less than expected. The majority of  "violations" are "alternate software" (with user-mode and portable versions blooming the number has vastly increased). Sometimes we decide to include this software, sometimes we try to educate the user and for the rest we keep an eye on it. Forthright abuse results in a warning and has in case of recurrence dire consequences.

    Oh, and - sure, I'd recommend Sophos :smileywink:

    Christian

    :793
Reply
  • 0

    Agreed - application control was very tempting when I first saw it. But I think it can help only so far: once people find out that they are restrained they'll search for ways to bypass these restraints - unless there are other more "terrible" consequences looming. Else it's just a meta-game. If people want to fritter away company time they'll always find themselves some means.

    Using application control since it's available we are still running it in detect-only mode. The major reason is that it is still all-or-nothing. You can detect applications and allow some but block the others. It's on my wish-list for quite some time (I've already commented on it during on of the betas): it should be possible to apply the detect_only/block decision on a per-application (or application group) basis. Thus an application should have three possible states: authorized/detected/blocked.

    If this were available we'd certainly block a number of applications. Reports show that misuse (or abuse) is a lot less than expected. The majority of  "violations" are "alternate software" (with user-mode and portable versions blooming the number has vastly increased). Sometimes we decide to include this software, sometimes we try to educate the user and for the rest we keep an eye on it. Forthright abuse results in a warning and has in case of recurrence dire consequences.

    Oh, and - sure, I'd recommend Sophos :smileywink:

    Christian

    :793
Children
No Data