mercredi 11 février 2015

Secure Flash with Click to Play Plugins in the Enterprise



In the recent light of repeating critical Flash vulnerabilities there are recomendations to use browserplugins like click-to-play to prevent unnecessary flash content to automatically load with every Webpage.


I think this is a good idea however there is the point of distribution and maintaining such Plugins and selecting a well maintained and trusted one in the firstplace (for ie, ff, chrome at least). I dont want to introduce another vulnerable surface into the environmnet.


So the question is:



  • Do you have experience using such Plugins in an Enterprise Environment with lots of Windows Clients (lets say 100+)

  • How do you deploy the plugin

  • How do you maintain the plugin (regular updates)

  • How do you centrally manage the configuration of this Plugins (GPOs?)


I hope this questions are not to open or vague. Im interested in the enterprise feasability and your experience with click-to-play'ish browser Plugins in the enterprise.





Aucun commentaire:

Enregistrer un commentaire