Forums
New posts
Search forums
News
Security News
Technology News
Giveaways
Giveaways, Promotions and Contests
Discounts & Deals
Reviews
Users Reviews
Video Reviews
Support
Windows Malware Removal Help & Support
Inactive Support Threads
Mac Malware Removal Help & Support
Mobile Malware Removal Help & Support
Blog
Log in
Register
What's new
Search
Search titles only
By:
Search titles only
By:
Reply to thread
Menu
Install the app
Install
JavaScript is disabled. For a better experience, please enable JavaScript in your browser before proceeding.
You are using an out of date browser. It may not display this or other websites correctly.
You should upgrade or use an
alternative browser
.
Forums
Software
Security Apps
Other security for Windows, Mac, Linux
Zero Trust (Solution Vote)
Message
<blockquote data-quote="danb" data-source="post: 1015913" data-attributes="member: 62850"><p>Sure, there are several ways <img src="data:image/gif;base64,R0lGODlhAQABAIAAAAAAAP///yH5BAEAAAAALAAAAAABAAEAAAIBRAA7" class="smilie smilie--sprite smilie--sprite110" alt=";)" title="Wink ;)" loading="lazy" data-shortname=";)" />.</p><p></p><p>1) VS Settings / Basic tab: disable the "Enable balloon notifications and user prompts" option. This is a great way to go for consumers because the VS desktop shield gadget will still flash, so the user knows something was blocked.</p><p></p><p>2) VS Settings / Web Management tab: enable the "Require admin approval before letting the user allow new, non-whitelisted files" option. This is mainly for SMB / Enterprise use cases, but here is no reason you could not use it for your grandpa or child.</p><p></p><p>3) You could create a folder rule to silently block all user space folders. I have not played around with this much, but I think it would work really well for a lot of people.</p><p></p><p>And please keep in mind you can always set a password to VS so that users cannot change the settings. There are probably other ways to prevent users from clicking the allow button in VS, and if I think of more I will post them <img src="data:image/gif;base64,R0lGODlhAQABAIAAAAAAAP///yH5BAEAAAAALAAAAAABAAEAAAIBRAA7" class="smilie smilie--sprite smilie--sprite110" alt=";)" title="Wink ;)" loading="lazy" data-shortname=";)" />.</p><p></p><p>Also please keep in mind that any Off, Disable or Install Mode switch in ANY Zero-Trust product is effectively the exact same as an allow button <img src="data:image/gif;base64,R0lGODlhAQABAIAAAAAAAP///yH5BAEAAAAALAAAAAABAAEAAAIBRAA7" class="smilie smilie--sprite smilie--sprite110" alt=";)" title="Wink ;)" loading="lazy" data-shortname=";)" />. For example, from this thread...</p><p></p><p>[URL unfurl="true"]https://malwaretips.com/threads/how-i-got-infected-last-time-thread.57614/post-1015706[/URL]</p><p></p><p>I would also point out that given the exact same scenario, [USER=53544]@RoboMan[/USER] would have simply disabled any traditional Deny-by-default product he might have had installed (the non-prompting, non-file insght kind <img src="data:image/gif;base64,R0lGODlhAQABAIAAAAAAAP///yH5BAEAAAAALAAAAAABAAEAAAIBRAA7" class="smilie smilie--sprite smilie--sprite110" alt=";)" title="Wink ;)" loading="lazy" data-shortname=";)" />), especially since it would have lacked the benefits of file insight and user recommendations. I could write a book on this subject... but I will say that working directly with end-users since 1999 really helped me to understand their thought processes and what UI design most users would consider to be user-friendly, and would be able to safely use.</p></blockquote><p></p>
[QUOTE="danb, post: 1015913, member: 62850"] Sure, there are several ways ;). 1) VS Settings / Basic tab: disable the "Enable balloon notifications and user prompts" option. This is a great way to go for consumers because the VS desktop shield gadget will still flash, so the user knows something was blocked. 2) VS Settings / Web Management tab: enable the "Require admin approval before letting the user allow new, non-whitelisted files" option. This is mainly for SMB / Enterprise use cases, but here is no reason you could not use it for your grandpa or child. 3) You could create a folder rule to silently block all user space folders. I have not played around with this much, but I think it would work really well for a lot of people. And please keep in mind you can always set a password to VS so that users cannot change the settings. There are probably other ways to prevent users from clicking the allow button in VS, and if I think of more I will post them ;). Also please keep in mind that any Off, Disable or Install Mode switch in ANY Zero-Trust product is effectively the exact same as an allow button ;). For example, from this thread... [URL unfurl="true"]https://malwaretips.com/threads/how-i-got-infected-last-time-thread.57614/post-1015706[/URL] I would also point out that given the exact same scenario, [USER=53544]@RoboMan[/USER] would have simply disabled any traditional Deny-by-default product he might have had installed (the non-prompting, non-file insght kind ;)), especially since it would have lacked the benefits of file insight and user recommendations. I could write a book on this subject... but I will say that working directly with end-users since 1999 really helped me to understand their thought processes and what UI design most users would consider to be user-friendly, and would be able to safely use. [/QUOTE]
Insert quotes…
Verification
Post reply
Top
