Texas Bank Dumps Antivirus for Whitelisting

["Richard M. Smith" <rms () computerbytesman com>]

http://www.darkreading.com/document.asp?doc_id=158750&WT.svl=news1_4

Brent Rickels, senior vice president at First National Bank of Bosque
County, had grown tired of dealing with antivirus software. He was tired of
regularly updating virus signatures, tired of hackers constantly tweaking
malware, and tired of worrying about what users had downloaded onto their
PCs. So Rickels dumped the bank's AV software for a whitelisting product and
in the process, become one of its first commercial customers. 

First National Bank of Bosque County, which serves the Waco, Texas, area and
manages approximately $100 million in assets, had seen the volume of spam
and spyware it had to beat back increase tenfold in four years. So when it
was time for the bank to renew its Symantec AV license at the end of 2006,
the timing was right to make a change. 

"It seemed like the antivirus updates came out only after new malware had
already been released," Rickels says. Running a routine system scan with
hundreds of thousands of signatures was taking half an hour or more. So the
bank's tiny IT department of only a handful of employees was spending more
time maintaining its security software and less time on business
applications. 

The financial services firm decided to look for a different solution that
was simpler to maintain and more effective. It considered GreenBorder, which
quarantines any software downloaded via a user's browser until someone moves
it to the main system. But that option appeared to still require a fair
amount of manual intervention. 

FNB was intrigued by Lumension Security's Sanctuary Device and Application
Control systems, which offered theoretical rather than proven benefits at
the time. The tools let users run administratively approved programs only
and restricts any unknown and unauthorized executables from springing to
life. "We liked the product's basic design; it is easier to contain a known
universe than an unknown one," Rickels says. 

The software had other appealing features. Because user software was
restricted, there would be less administrative work, and Sanctuary actually
ran better than AV software because it was a lighter program. And the final
selling point was that the Lumension system cost about 30 percent less than
the Symantec option. 
...

_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.