Internet Security in today's world
People love the Internet. It is a wellspring of information, resources and entertainment. It is also Pandora's Box waiting to be opened and once it is good luck getting it closed again. A client of mine was surfing the Internet on her lunch break, only to have what appeared to be a Microsoft Windows shield appear warning her of a virus. It instructed her to click on the link to remove the virus. People have been conditioned to trust certain icons which malicious programmers - typically called 'Crackers' take advantage of. One click later and now not only did she still have a virus - so did the entire company network.
The common questions asked by the company's owner (Justifiably so) - Why didn't the company's virus program block it? How did it get through the firewall? Shouldn't the IT support, specifically Security, have been able to prevent this? The answer is yes and no. The job of preventing infections to a computer or a network is a constant work in progress. Close one loophole and the Cracker will go and find another. Functionality for the user has to be taken into account as well. It's possible to tighten the group policies to the extent that viruses most likely won't get in, yet this restricts the user so much they might as well have a virus as the result is the same - they can't do anything.
The answer, while not a perfect one, requires teamwork between the user at the desktop and whoever is managing the Security. It is up to IT to make things as safe as possible without affecting the day to day work of the company. It is up to the user to use discretion on what is done while using a company computer. With today being 'Cyber Monday' companies’ bandwidth will be monopolized with people using their down time to surf the Internet for good deals. Any Security specialist is realistic in knowing that viruses get through, it's just part of the job. That doesn't mean you as the user, have to unlock the door and let them in.