Leythos said:
1) Since we lock-down, restrict users security setting, many sites
appeared to be broken using IE, users had to "Learn" how to setup
Trusted Sites so that they would work.
2) FireFox didn't require any adjustments in order to allow access to
the same business sites.
That says a few things:
1. Your business sites require behaviours that are not considered "safe" by
IE. Yet Firefox considers them safe. Is this a sign that Firefox is allowing
too much?
2. You did not make your "business sites" a part of the local intranet, or you
lowered the local intranet settings extraordinarily low.
3. You did not research the sites that your users use in order to prepare them
ahead of time by deploying a list of trusted sites throughout your
organisation.
3) Browsing of sites that were outside the "business" sites also worked
and provided LESS problems and "issues" than IE did.
That's definitely a benefit.
4) For unmanaged systems, systems in the "wild", switching to FireFox
resulted in less calls to support related to "I just clicked on this
xxxx and I'm not sure what it did, is my computer infected".
Certainly, without ActiveX, there's one avenue of attack that is not available
- but this suggests that you didn't adequately restrict the use of ActiveX.
That, and your users are click-happy and need a good slapping every now and
again.
If users are still able to access sites, and support time is reduced by
xx percent, then it applies, and it works for the stats.
Correct - the goal is to allow the business to operate more smoothly and at a
reduced cost. I suspect you could have achieved the same results by centrally
administering aspects of IE, but you have to go with what you know.
Actually, most are "More" comfortable as they don't worry as much about
malware links and sites.
If they clicked on links and got infected, it seems to me that they didn't
worry enough.
No, that's good too - it means they were screwing around when they
didn't need to be. If you can do your work without opening a browser,
then you didn't really need to open a browser to start with. I love the
"I need internet access at work because you own me" types.
I meant that if you have driven users away from an efficient source of
information to a less efficient source (say, from online sites with searches
and hyperlinks, to paper manuals), because it's now easier to use the manuals,
then you've achieved a loss of utility. Security's important, but it has to
enable the business, rather than disabling it.
We have users at all levels, and the first days use was a little bit of
a change for them, but FireFox has been nothing short of a blessing for
most. We've even relaxed some of the blocking rules because of the
FireFox switch.
Well, good luck to you on that - but I would still remind you that there are
more ways to skin a cat than just liquefying the insides with a hand-blender.
What you've achieved, I believe, from my own experience, could have been
accomplished with IE, with less retraining of users, but perhaps a little more
training of the administrative task (on using the IEAK, for instance). Others
reading this may not be aware that there are several ways to more secure
browsing.
Alun.
~~~~
[Please don't email posters, if a Usenet response is appropriate.]