F-Secure PSB DataGuard not practically usable in low-tech environments, like public education?
I saw an apparent false blocking in FSAV PSB portal and reported it to the F-Secure Virus Lab as follows:
Ticket ID: xxxx
Date and time: 2019. feb. 22. 11:15:32
Customer: [a hungarian school]
Computer: [a desktop PC]
OS: Windows 10 64-bit, version 10.0.17763
User: [student's name]
Software: FSAV PSB Computer Protection Premium 19.1
Module: F-Secure DataGuard
I asked the Lab to review the situation and make adjustments to the technology if necessary. I've just received this answer from them:
"With Access_Control_List and Discover_trusted_applications_automatically enabled in DataGuard, the feature does not trust by default:
To workaround the issue, you can add the target path where the Windows process is working on, to the excluded folders in the Profile Editor at:
DataGuard > Manually defined folders > Excluded folders
Besides that, the application (for example, OneDrive, etc.) installed to the user directory is not trusted too. To workaround the issue, you can add the application path to the trusted applications in the Profile Editor at:
DataGuard > Access control list > Manually added trusted applications and folders"
I don't like this recommendation for a workaround. If the files in question are digitally signed and came from a reputable vendor (Microsoft) then why arent't they trusted automatically? I mean we cannot expect end-users like this primary school to have the skills for adding folder exclusions, etc. themselves and they don't have the money to employ security sysadmins.
The PSB system should work correctly by itself, because F-Secure is about automated solutions first and foremost, that's how and why it was sold to non-tech-savvy customers! I feel the technology should be tuned centrally by the vendor.
Thanks for your attention, Sincerely:
Tamas Feher, Hungary.
EDIT: Removed case number