The biggest problem I have with my user base at work is the payload of spyware that gets installed on a (probably) daily basis. Some of this is caused by users gleefully clicking on any window that says “Click Here!”, just oh so happy to oblige. And of course there is the plethora of Internet Explorer security holes that appear at least once a week, just to keep me on my hotfix installing toes.

So today we have some new “extremely critical” vulnerabilities to IE that were just announced. Fantastic! Trustworthy Computing indeed. It’s gotten to the point where IE is the single largest malware vector into my company. The big target used to be Outlook and email worms/viruses. But between filtering out executables and virii at the gateway level, plus Outlook’s security patches those are mainly a non-issue. In fact I can’t even think of a large virus outbreak we’ve had since ILOVEYOU.

So I’ve reached the point where it’s just not worth the hassle and doesn’t make business sense to run IE. Between my time to fix spyware problems and users’ lost productivity while I perform said fixes, it ends up costing the company quite a bit of money. I’m sure someone out that has computed the tim and money lost, on average, to spyware infestations.

This means it’s time to install Firefox on the desktop. I’ve been using it on my own desktop for a while now and .9 version is really solid. I’ll need to keep IE around to run our local Siebel application but I’m sure I can figure out a way to restrict IE to intranet use only. I’ve just got to label the Firefox shortcut “The Internet” and the users will never be the wiser.

Now I just need to find out the easiest way to roll it out to a bunch of desktops without having to walk around to each person. yay.