Sophos antivirus always updating
And yet, recently, the last of those orthodoxies – password expiration – has started to crumble.In 2016, the influential US National Institute of Standards and Technology (NIST) broke with generations of received wisdom by recommending that scheduled password change should be dropped from the list of good practice on the basis it now does more harm than good.It simply reinforces that security cannot be achieved entirely with baselines.We took our time to review PC Matic, and if it’s affordable protection for five devices that you need, this software is the right choice.It could be that Microsoft’s angst over its baseline is really asking a deeper question – should baselines and the endless compliance that follows in their wake be that important anyway?Margosis again: Removing a low-value setting from our baseline and not compensating with something else in the baseline does not mean we are lowering security standards.At the last count, Windows 10 had 3,000 of them (including many not related to security) implemented as Group Policy Objects.Having these parameters set up means that IT staff don’t have to configure everything from scratch as well as helping with the ordeal of compliance.
In the consumer space, it’s become such an accepted part of security that password managers urge users to update their passwords regularly and offer mechanisms to automate this for big internet sites.
The problem is that this can have unintended consequences, which can render the effort worthless.
As Microsoft’s Margosis writes: In effect, users are not really changing their passwords, just tweaking them so they’re easier to remember.
This issue yesterday was affecting about 30 of our 300 machines but would have affected more if not for the policy we pushed out early.
The actual issue seems to be Sophos blocking all internet connections rather than simply stopping login due to the user profile service not running correctly for domain users.