I was just reading this article posted today.
How very interesting; someone still gets amazed at the fact that people won’t do anything to fix their own issues. I’ve been seeing this sort of situation ever since I started doing this job – people do not take care of these issues; some out of genuine ignorance of the issue, an absence of knowledge on how to fix it; but largely (and very worryingly), out of nonchalance. In my conversations with non corporate users, I realize that many do not use an AV; that they find it clumsy and slow, and, get this, expensive ($20/year to help keep your computer clean and safe, does that sound expensive to you?)
What troubles me is when the author refers to enterprise users. I hope we are talking about small and med businesses here; because if Fortune 500 companies don’t fix these issues, then there is no hope that anyone will!
Incidentally, there is an easy way around this problem, that any company of any size would be able to afford and which would do it some good in other ways as well – the use of a proxy server!
If the server is in line with the internet traffic, so that no one can ‘accidentally’ bypass it, then the DNS resolution on the workstations becomes irrelevant because the proxy will do its own resolution. And, of course, assuming the proxy server itself is not compromised (thus the importance of not using Microsoft servers for doing this, in my opinion, a proxy server should be based on Linux not Microsoft; for numerous reasons, this being one of them), then this becomes a non-issue. No matter what IP the workstations resolve to, the proxy will resolve it to the correct one anyway.
Which is one more reason why it is important to use an inline proxy to filter internet traffic!
Have a good weekend ahead.