Originally posted here by catch
Seriously, have you even read this thread? It isn't about training your users, it is about using technical architecture that again, enforces roles using finely grained permissions and least privilege as well as using multi-account sessions.
Hey...I'm open to get "converted" if you can convince me.. heh!

The point I was trying to make is you can't ever trust humans; there will always be the human error...
In most companies you have lots of different positions, which require lots of different computer privileges. There are tens of thousands of different viruses circulating around the globe, some lame ones, some very sophisticated ones, using all kinds of different holes and vulnerabilities, and sometimes vulnerabilities that are not even known...
No, it's not only about "training your users", and it's not only about "technical architecture"... it's about everything together. There are many different components, including the "human error" on many different levels...

Sure, if you have your network locked down to 100%, none of the viruses will be successful, I'm just afraid I won't ever be able to reach that 100%.

If you can reach 99%, I would think an A/V solution would make it even more secure.

But again, I'm not trying to argue just to argue against you all who don't believe in A/V solutions, I'm willing to listen and hopefully get convinced if you actually are right!
(Currently convinced an A/V solution is better than no A/V solution though)

Maaan.. we need to give some AP to Raccoon for starting this thread.. looking forward to follow this thread to the end... if there ever will be an end... heh!