Originally posted by psi0nic
My company has a `tough **** you can't use irq, irc, or whatever, that is not what we pay you to do anyway..' security policy. I know it is harsh, but it works quite well. The trouble you are in is that it is difficult to take priviledges away once people are used to having them. Depending on who the Luser is( mgmt etc..), it can be a real pain in the ass.

It sounds like you already have some kind of anti-virus application on the exchange server. I would recommend password protecting the anti-virus software if you can so users can not turn it off. I might even suggest making it a hidden process or something like that depending on what the software is and what it can do.

Hope you figure it out. I don't envy you one bit.
Taking away people's permissions is an attractive prospect in theory, but pulling it off would be quite difficult. Many engineers have full administrative access to their machines (the company builds hardware, writes the drivers for it, and tests them, so they need it), and know how to diable a service. For the non-computer inclined, the anti-virus is invisible, but alot of the engineers know just enough to break stuff. The sales people also have local admin rights, as they need to demonstrate the installation of hardware and software to customers. The accounting department is running windows 98, because the 15 year old goverment accounting software doesnt run on NT. My superiors tell me limiting internet access is not an option. The whole place is just a security nightmare.

Thanks for the advice everyone, I guess I'm just going to have to try and teach people to not be ignorant on the matter.