You can only catch so much at the edge and DNS level. Browser extension catches the stragglers that get through. But we’ve mitigated virtually all browser induced malware possibilities by just moving to cloud-based internet isolation. It’s similar to what the DoD uses, if anyone’s familiar with their use case: https://www.bylight.com/wp-content/uploads/2020/09/CBII_2020-2025.pdf
Same here. The worst thing is in their justification of disallowing Firefox they listed that it was not an enterprise application. I get that it might be extra effort to support it but don’t list something factually untrue as a lame cop out for why you don’t want to.
Was told it wouldn’t be allowed because you couldn’t restrict it using GPO… Until I told them they could absolutely apply those restrictions using GPO and even provided the ADMX templates.
Tell your IT.
Yeah. What company wouldn’t allow it?
When I was working for an ad exchange, everyone had adblock installed in their browsers, I found that quite ironic.
I would argue it’s a security issue not to have any ad blocking. Many scams online start with popups or fake ads.
So if you get the opportunity to talk to IT that’s what I would mention.
A good IT is blocking ads at a company-level. Browser extensions wouldn’t matter, and in fact, shouldn’t be allowed for the same reason.
You can only catch so much at the edge and DNS level. Browser extension catches the stragglers that get through. But we’ve mitigated virtually all browser induced malware possibilities by just moving to cloud-based internet isolation. It’s similar to what the DoD uses, if anyone’s familiar with their use case: https://www.bylight.com/wp-content/uploads/2020/09/CBII_2020-2025.pdf
Even with CBII ads still make the internet cancerous to even look at
Oh for sure, but with CBII, malicious ads can’t exploit a vulnerability and infect your local system.
Officially only Edge is supported, but Chrome is tolerated. It’s a full MS environment.
Same here. The worst thing is in their justification of disallowing Firefox they listed that it was not an enterprise application. I get that it might be extra effort to support it but don’t list something factually untrue as a lame cop out for why you don’t want to.
Was told it wouldn’t be allowed because you couldn’t restrict it using GPO… Until I told them they could absolutely apply those restrictions using GPO and even provided the ADMX templates.
Click on every single ad and banner, click “I agree” on every pop-up. Make that computer hate it’s life!
How To Get Fired 101