CDOT held ransom

[Eric P]

This does tell an interesting story about a agency whose job is to maintain roads (not something like administer benefits). Unless the roads are maintained by computer, then it makes sense. But I think we're a few years off from that.

What AV was CDOT using?

CDOT is one of the largest engineering companies in the state. They are not just plow drivers and pot hole fillers.

The in house engineering saves the state a lot of cash. Hiring consultant companies to design and administer projects cost at least 3x as much as a state employee. Consultant designed projects have more errors than in house designs, as those designers are not familiar with state and federal requirements. Yes, there are some inefficiencies, mostly do to meaning federal tracking and reporting regs, but the agency is fairly lean. Hasn't grown since the 1970s Evan as budgets grew.

[Skip]

Understood.

When this is over, if someone can tell me what AV to avoid, I'd appreciate it.

[Gman]

McAfee for home use does suck (different software stack from enterprise software). The enterprise solutions, including ePolicy Orchestrator for management, works quite well. Nothing is prefect.

We block autorun behavior on all Windows systems via Group Policy. It's an easy fix.

[kfr]

The only thing decent about McAfee products is EPO. I still think EPO is overly complicated. McAfee believes they have you by the short hairs because of EPO. ENS 10.x is a little better in the AV department but still lags the more innovative new comers. Many of the new comers are former McAfee employees who set off on their own to start new companies and start with a new foundation not dependent upon signature based detection. McAfee needs to be taken out to pasture. The salesman are a bunch of used car sales rejects, the engineering dept isn't capable of fixing a long list of known bugs and the company has been spun off so many times they can't come up with an identity better than cocaine cowboy John "McAfee".

I'd start switching now unless you want to become a victim of every piece of Ransomware and variants coming down the pipe. I'd recommend setting up and isolated lab with virtual workstations configured like the corporate desktop images (different pw's, similar GPO's). Get malware samples and test away.... All companies and state/govt agencies should be doing this on a continuing basis anyway.

This info is based on horrors of working with many of their products over a long period of time in multiple industries. I'd recommend getting out of McAfee before the state gets burned again. Easier said than done huh? It shouldn't be as political as it is given the loss of so many workstations but the decision will be laden with doubt, funding, testing, project planning and just plain craziness. All is can say is good luck but leave McAfee in the rear view mirror.

[BushMasterBoy]

A briefing given to me by a very secretive government agency stated they were using Norton products. I had fairly good success with Norton.

[Gman]

I read somewhere that Symantec was getting out of the AV business.

https://www.theregister.co.uk/2014/0..._a_moneymaker/

[Bailey Guns]

I just got out of the Symantec business after their NRA bullshit.

[sroz]

I just got out of the Symantec business after their NRA bullshit.

Yep and amen.

[Musashi]

Curious to hear how all this plays out as I am in the .gov sector too and we are in the midst of getting rid of Kaspersky.

[Eric P]

1 week, still down.

What's even more humorous is that presidents day weekend, they pushed an updated security patch to prevent this kind of thing.