In this article I would like to go over some of the common sense strategies to avoid being victimized by viruses, trojans, worms, and other malware. First I would like to discuss some web surfing and computer usage behaviors that either contribute to or reduce the likelihood of being infected by viruses and then I will discuss some software solutions. The ideas below apply equally well to individual/home users as well as to corporate users.
Common sense steps to avoid computer viruses
- Create a non-admin user account – As a corporate network administrator, I generally do not give administrative privileges to users. What this means is that the employee or user can use their computer most if not all common tasks such as creating and saving Office documents, using email, browsing the internet, etc. However they cannot install any software. Since most viruses these days come from the web, if the user does not have the ability to install any new software, then nor does any computer virus which may try to sneak in while he/she is doing the browsing. If you are a home user or have a PC or laptop at home, I recommend creating a non-admin user on your local PC and use that account for all you activities. If you even need to perform some functions that require administrative privileges, such as installing new software, you can always log in as an administrator, perform those functions and re login as the your regular non-admin account.
- Don’t use your email on sites you don’t trust – For example if there is a site offering a promotion or a free vacation, don’t use your regular business email. If you absolutely have to give out your email to untrusted sites, first create a public email on a free site such as GMail or yahoo and use that email instead.
- Don’t reply to spam – Many spammers will harvest your email by scouring the web and once they find you they will send out some spam. If you happen to respond to it, even if you complain or to ask not to be emailed again, then they know they have a valid email and will continue sending you spam. It is reasonable to assume that spammers have no scruples.
- Use Encrypted Emails Portals – If you are away from the office and are using your business email portal (e.g. Outlook Web Access) or a public email exchange, make sure you are on an encrypted channel. You can tell if you are on an encrypted channel by the small lock symbol at the bottom of your browser. If you don’t see the lock symbol on a page, don’t enter your email on that page. If you business email portal doesn’t have encryption (SSL) put one in place. Bear in mind that anything you type or send over an unencrypted channel (including emails and passwords) travels in plain text and can easily be intercepted and revealed, especially if you use a wireless connection.
Every business should be running some sort of anti-virus software without exception. The consequences and risk of having your PCs, laptops and servers get wiped out is unimaginable. There are several approaches to anti-virus functions and I will discuss the pros and cons of each.
- Server Based Anti-Virus – This is the most common approach to installing and deploying anti-virus software in corporate environments today. Typically this approach involves installing the software on one or more servers and deploying the “client” application to individual workstations and laptops. The server portion of the software usually scans and filters out both email-based viruses and those found embedded in files on the server, so there are two layers of filtering being done by the time a file or an email is accesses by a user, however since both filtering is being done by essentially the same software from the same vendor, chances are that if a brand new virus come through to your system, and the server misses it or doesn’t recognize it as a threat, the “client” will miss it too. Therefore one school of thought suggest using server software from one vendor and desktop software from another. I happen to agree with that philosophy.
- Client-Based Anti-Virus – Products such as Kaspersky Internet Security offer very good albeit not 100% protection against viruses. The key factor in keeping the product do what it is designed to do is to update it regularly. Most desktop products including Kaspersky and McAfee have a built-in automatic update feature, however this needs to monitored regularly to make sure it it functioning. The update process can be interrupted for a variety of reasons such as firewalls or product registration issues, and if not carefully monitored, may leave the user with a false sense of security. I recommend checking the update status at least once a week.
- Anti-Virus Hardware (Appliance) – Many vendors such as Cisco and SonicWall make very effective products that are typically built into a firewall or a router and perform content filtering at the border or gateway into your network which is typically your firewall. This approach works really well because it eliminates the guesswork by filtering out spam (and usually viruses and malware) before it enters your network, specifically your servers.