On this page you will find our Top Ten List of the most important steps a company can take to minimize the impact of email viruses and worms. Further down the page we explain each step.

Protecting Against Email Viruses

Step 10: System Backup
Make sure all systems are properly backed up on a regular basis.

Step 9: Data Backup
Make sure all important data files are properly backed up on a regular basis.

Step 8: Install Anti-Virus (AV) Software
Make sure anti-virus scanning software is installed on all computers (notebooks, desktops, workstations, and servers).

Step 7: Use AV Software
Make sure AV software is active on all systems and mechanisms are in place to keep it active.

Step 6: Update AV Software
Make sure AV software signature files on all systems are up to date and mechanisms are in place to keep them up to date.

Step 5: Publicize Call Center
Make sure all employees know what number to call if they have questions about suspicious email.

Step 4: Plan Your Response
Make sure your response to a virus outbreak is planned and ready to be activated.

Step 3: Spread Specific Knowledge
Make sure all employees know not to open email file attachments unless they are 100% sure of what the contents are.

Step 2: Train Employees
Make sure that all employees who have access to email have been trained to use it properly, that is, in accordance with company policy.

Step 1: Maintain Awareness
Make sure that all employees who have access to email are aware of the damage that malicious code can do to systems and data and know what precautions they should be taking and why.

That's right! The Number One step, the most important thing you can do to protect your company against viruses, worms, and other malicious code, is to raise and maintain your employees' computer security awareness. Everyone from Donn Parker, eminence grise of computer security, to Rain Forest Puppy, advises the same thing: "implement a user education program."

Regardless of the intent of their creators, email viruses and worms can cause everything from annoyance to anger to massive data loss and lost productivity. For background on viruses and anti-virus software, see this article by Stephen Cobb.

For background on email viruses check out this page.
Note: we know there is a difference between a worm and a virus, but in the interests of getting to the point and helping you protect your systems from both, we are going to use the term viruses for both.

Why These Steps Make Sense

Backup: Steps 10 & 9
If there is a silver bullet for computer security, a guaranteed defense against just about anything, it is backup. In the high stakes game of system survivability, nothing beats a recent, complete, verified backup, preferably one that is safely stored off-site. Even if your anti-virus software fails, even if your user training and awareness fails and a virus trashes your systems and data, a proper backup will save the day.

The recent LoveLetter is a case in point. It slipped under the AV radar, it fooled users, and it corrupted both system files and data files. You need to make sure all systems are properly backed up on a regular basis, and you want to make sure all important data files are also properly backed up on a regular basis. When all else fails and a destructive virus damages files, restoring them from backup may be your only option.

AV Software: Steps 8, 7, & 6
Although anti-virus software is not foolproof, it can be a big help in preventing or slowing virus infections. So it makes sense to make sure anti-virus scanning software is installed on all computers, and we do mean all (notebooks, desktops, workstations, and servers). But installation alone is not enough. You must make sure your anti-virus scanning software is active (you might be surprised at how many people turn it off).

If possible, the AV software should be set to load itself automatically and not depend upon the user starting it up. Also, and we cannot stress this enough, your AV software will not catch recent viruses unless you have recent signature files (the files against which the software checks your files to see if they contain known malicious code). You are wasting your money if you invest in AV software but don't keep it up to date. And users get a false sense of security if AV software is running but out of date.
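One way to check Steps 8, 7, and 6 across a fleet is to audit an inventory export. This is an added example, not part of the original article; the host names, CSV columns, and the 7-day signature threshold are assumptions, and the inventory is constructed sample data.

```python
import csv
import io
from datetime import date

# Constructed sample inventory (hypothetical hosts and column names).
SAMPLE_INVENTORY = """\
host,kind,av_installed,av_active,signature_date
nb-014,notebook,yes,yes,2002-04-28
dt-102,desktop,yes,no,2002-04-27
ws-007,workstation,yes,yes,2002-03-01
srv-mail,server,no,,
dt-233,desktop,yes,yes,
"""

MAX_SIGNATURE_AGE_DAYS = 7  # assumed policy threshold, not from the article


def audit_av(inventory_csv, today, max_age_days=MAX_SIGNATURE_AGE_DAYS):
    """Return {host: [findings]} for hosts failing Step 8, 7 or 6."""
    findings = {}
    for row in csv.DictReader(io.StringIO(inventory_csv)):
        problems = []
        if row["av_installed"].strip().lower() != "yes":
            problems.append("step 8: AV not installed")
        else:
            if row["av_active"].strip().lower() != "yes":
                problems.append("step 7: AV installed but not active")
            sig = row["signature_date"].strip()
            if not sig:
                # A host that reports no date is a failure, not a pass.
                problems.append("step 6: signature date unknown")
            else:
                age = (today - date.fromisoformat(sig)).days
                if age > max_age_days:
                    problems.append(f"step 6: signatures {age} days old")
        if problems:
            findings[row["host"]] = problems
    return findings


if __name__ == "__main__":
    report = audit_av(SAMPLE_INVENTORY, date(2002, 5, 1))
    for host, problems in report.items():
        print(host, "->", "; ".join(problems))
```

Treating a missing signature date as a finding matters: a host that stops reporting is exactly the one giving its user a false sense of security.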

Planning & Preparation: Steps 5 & 4
It should be clear by now that even the defense mechanisms can fail and you need to be ready to respond to a virus infection. Your organization needs to have a 7x24 number that any employee can call to report an incident, and all employees should know that number. The phone needs to be answered by someone who can answer questions about suspicious email, virus-like activity, and so on. That person also needs to be able to call for backup. Your incident response team needs to be in place, ready to roll into action with well-scripted roles, whenever the call comes. Training runs and practice drills can help to prepare for this.

Training & Awareness: Steps 3, 2, & 1
The last and best line of defense against malicious code is the well-informed computer user. You need to make sure that all of your employees know not to open email file attachments unless they are 100% sure of what the contents are. They need to understand why this rule was made, and how bad the consequences can be if it is not followed. Awareness is cheap and relatively easy. Print posters, send out flyers, make announcements at staff meetings. Use all your existing channels of communication to get the word out (for free anti-virus awareness posters that you can use at your company, click here).

Awareness builds on top of training. Make sure that all employees who have access to email have been trained to use it properly, that is, in accordance with company policy. All employees who have access to email need to be aware of the damage that malicious code can do to systems and data and know what precautions they should be taking and why. Whenever possible, give them this information before they start using email, or make them take a test to prove they get the point and so qualify to use this valuable resource.



Updated Spring, 2002 by webloke © Stephen Cobb
Some article content reprinted by permission.
Article content copyright named author(s).
