Phishing and Malware Pop-Ups: Reimaging and Best Practices

Hello everyone, I am curious to know what steps other companies take when their users encounter phishing or malware pop-ups while browsing the internet. Specifically, I am wondering if companies typically default to reimaging the possibly affected machines as a way to ensure that the systems have not been compromised, or if there are other steps they take before resorting to reimaging. For instance, do they isolate the affected machines from the network to prevent further damage? Do they run a full scan of the machine to check for malware or viruses? Do they instruct users to reset their browsers or clear their cache to remove any potentially malicious code? Or do they rely on antivirus software to detect and remove the malware or phishing attempt?

Additionally, I am curious to know how many just default to reimaging in these situations, especially for VDI infrastructure. Is it safer/quicker to just reimage the affected machines to ensure that all malicious code has been removed, or is reimaging a waste of time and resources? Are there any scenarios in which reimaging may not be necessary or may not be the best course of action? We normally default to reimaging just to be safe, since we are on an 80/20 virtual/physical infrastructure, but I'm wondering if this is the right approach.

If you work in IT or cybersecurity, I would appreciate your insights on this topic. Please share your experiences and best practices for dealing with phishing attempts and malware pop-ups in a corporate environment. Thank you in advance for your input!
