Re: Poll: Anti-Spyware on servers

["Consolvo, Corbett" <ConsolvoC () COFC EDU>]

We've been deploying the Microsoft product to servers and testing a few
other products.  While we certainly do our best not to do client-type
things with our servers, our stance is more protection is a good idea.
I have yet to have any issues with anti-spyware on our servers...

Corbett Consolvo
College of Charleston, SC

-----Original Message-----
From: Graham Toal [mailto:gtoal () UTPA EDU] 
Sent: Monday, July 10, 2006 1:49 PM
To: SECURITY () LISTSERV EDUCAUSE EDU
Subject: Re: [SECURITY] Poll: Anti-Spyware on servers

>  We recently began deploying CounterSpy Anti-Spyware 
> throughout our College, and a debate has arisen over whether 
> or not it is needed on Windows servers. Some administrators 
> feel that it is unecessary and potentially harmful to 
> servers, so I'd like to get an idea on whether or not some 
> higher education enterprises deploy anti-spyware on their 
> servers. Thanks. 

This may be a little naive, but if you remove the browsers from
your servers, and the email programs, there are few ways left
that you're likely to pick up spyware.  Browsing and email
reading on servers should be banned by your Best Practises
document, or your Server Policy document if it is that detailed.

This doesn't account for the CYA factor but it does reduce the
actual risk by 99.9%

Graham (a big fan of Gordian Knot solutions)