Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!

 


Forgot your password?
Close
typodupeerror
×
Communications Security IT

Ask Slashdot: How To Communicate Security Alerts? 84

Posted by Soulskill from the your-computer-is-broadcasting-an-ip-address dept.
Capt.Michaels writes: "I need to start sending security alerts and warnings to employees at my somewhat sizable company. My problem: I'm not sure how to send these alerts without freaking everyone out and causing the help desk to get flooded with phone calls. For example, let's take the current Internet Explorer exploit that caused US-CERT to recommend switching browsers. I don't want everyone killing our limited help desk with ridiculous questions like, 'I downloaded $New_Browser, how can I get my toolbar? How do I bookmark things in this browser? Can you tell me which browser you recommend?' Simply put: some vulnerabilities are worth major changes, but many aren't. If we switched software every time a new vulnerability came out, we'd never get anything done. Sooner or later, a patch will come out, and everything will be back to normal. But how do I communicate to end users that they should be aware of an issue and take extra care until it's fixed, without causing panic?"
This discussion has been archived. No new comments can be posted.

Ask Slashdot: How To Communicate Security Alerts? More

Ask Slashdot: How To Communicate Security Alerts?

Comments Filter:

  • Re:My thoughts. (Score:2, Informative)

    by Anonymous Coward on Friday May 02, 2014 @02:51PM (#46901661)

    Then you could sit tight waiting on a patch for your existing browser

    That patch he was waiting for? it was pushed yesterday ... FYI.

    If he followed your advice, he would have spent more time creating, testing, and implementing the scripts/GPO's you suggested, than it took to get the patch. Plus he'd get to have all the fun of hearing from the Help Desk about users who're confused by a different browser appearance, and oh, hey, where'd all of my favourites go?

    Not to mention, if the enterprise also uses GPO's to manage browser functionality / appearance / behaviour, woops, none of that on Chrome/Safari/Firefox...

    If he did ANYTHING, on Monday, he could have pushed EMET to his Windows Vista/7/8.x clients, thereby hardening all of them against not only this attack, but also most others going forward; IE11 with EMET has YET to be compromised and was the ONLY browser configuration that came out of PWN2OWN undefeated; (FWIW: If you think that's just from weak-efforts, and manage to find a way to defeat it, there's a $150,000 [wmpoweruser.com] reward available...)

    -AC

  • fix it at the proxy level (Score:4, Informative)

    by SethJohnson ( 112166 ) on Friday May 02, 2014 @03:49PM (#46902279) Homepage Journal
    Modify your outbound proxy rules to redirect every outbound http request that has a useragent string belonging to the affected browser. Send them to an internal HTML page that explains the security threat and provides a link to download and install the browser preferred by the organization.

    This will:
    1. Selectively communicate the issue to only the affected users.
    2. Prevent anyone on the internal network from being compromised due to this vulnerability.
    3. Prevent anyone from ignoring the 'advisory.'

    If you're not using an outbound proxy, god help you.

Slashdot Top Deals

Those who can, do; those who can't, write. Those who can't write work for the Bell Labs Record.

Close