Managing Antivirus Threats

Successfully managing virus threats essentially boils down to managing two things: technology and people. Sure, it’s easier said than done… but certainly doable.

Let’s start with the technical side. You’re probably aware that there is no single or foolproof solution to completely protect your network. However, by deploying multiple solutions with a layered approach, you certainly mitigate the vast majority of risks.

Creating multiple layers of protection defends against attacks from each aspect of computer use. The first layer is one that most people are familiar with – an Antivirus application. This is the most basic form of defense; it’s well established in the industry and is easy to find and deploy. It provides the first layer of protection by scanning the system itself and identifying any known viruses – in most cases eradicating them before they can do much damage.

Very similar to the Antivirus application is another form of protection known as an Antimalware application. While functionally the same as the Antivirus program, it is yet another layer of protection that resides directly on the computer. As you will learn in a later blog, there are many differences between a virus and malware attack, and it’s important to keep an established protection against both of them.

The next layer of defense reaches just beyond your computer itself, and that is the firewall. This is usually a piece of hardware that exists between your computer and its internet connection; imagine it as a night club bouncer … it enforces the established rules, letting some things in, and keeping others out. Any form of firewall is helpful, but be aware that a commercial-grade firewall has significant advantages over a home or small business-grade firewall when it comes to performance, capabilities and level of protection. We can discuss that in a future blog.

A third technology-focused layer is content filtering. In the same way as the firewall, content filtering exists just beyond the physical computer. Just as the firewall blocks attacks from coming in to the computer, content filtering blocks certain requests, originating from within our system, from going out. It may seem odd to do this, but not all websites or searches can be trusted. Adding in this content filter prevents potentially dangerous requests from even happening.

The last layer of protection to manage is perhaps the most difficult: people. Even the best layered defense scheme won’t be able to defend against a person behaving badly. What’s required to protect our systems from ourselves? First, companies must institute an “acceptable use” policy – setting expectations on what employees can and CANNOT do while on company computers. Second, we must train users. Not every person is computer savvy, nor are they expected to function as system engineers. The idea behind user training, then, is not to teach users to set up a firewall, but to be aware and cautious of what they see on their screens. For instance, if their job doesn’t involve making shipping requests, they shouldn’t open that email from FedEx. If a PDF they downloaded comes in a zip file format, they should leave it alone. The human layer of defense is the greatest asset you have in managing against attacks.

Now that we have all the layers in place, the next step is to establish a process of managing them. Most important is investing time and resources into maintaining each of these layers.

  • Invest in user training, whether it’s developing your own guidelines, or seeking professional help outside your organization.
  • Always keep your antivirus apps and software up to date – ensuring they can combat any new known threats – by deploying vendor patches and updates. Most antivirus programs can be automatically updated, but it takes some configuration to get there.
  • Put monitoring in place to ensure all your layers are functional all the time and that alerts are generated when something is amiss.
  • Set time aside, on a recurring schedule, to review your firewall settings and content filtering configurations.
  • Keep your finger on the pulse of the latest trends.
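
The monitoring and update points above can be checked automatically. The following is an added example, not part of the original article: it audits status reports for each layer and raises an alert when a layer is stopped, overdue for maintenance, or not reporting at all. The report format, host names and age limits are assumptions made for this sketch.

```python
from datetime import date

# Maximum days since each layer was last maintained (signature update for the
# endpoint tools, configuration review for the network tools). Assumed values.
MAX_AGE_DAYS = {"antivirus": 3, "antimalware": 3, "firewall": 90, "content_filter": 90}

# Constructed status reports; a real deployment would collect these from agents.
SAMPLE_REPORTS = [
    {"layer": "antivirus", "target": "ws-01", "running": True, "maintained": date(2024, 5, 31)},
    {"layer": "antivirus", "target": "ws-02", "running": True, "maintained": date(2024, 5, 20)},
    {"layer": "antimalware", "target": "ws-01", "running": False, "maintained": date(2024, 5, 31)},
    {"layer": "firewall", "target": "edge-fw", "running": True, "maintained": date(2024, 1, 10)},
]

def audit_layers(reports, today):
    """Return a sorted list of alert strings for unhealthy or silent layers."""
    alerts = []
    seen = set()
    for r in reports:
        layer, target = r["layer"], r["target"]
        seen.add(layer)
        if layer not in MAX_AGE_DAYS:
            alerts.append(f"{layer}/{target}: unknown layer in report")
            continue
        if not r["running"]:
            # A stopped layer is reported first; its maintenance age is moot.
            alerts.append(f"{layer}/{target}: not running")
            continue
        age = (today - r["maintained"]).days
        if age > MAX_AGE_DAYS[layer]:
            limit = MAX_AGE_DAYS[layer]
            alerts.append(f"{layer}/{target}: last maintained {age} days ago (limit {limit})")
    # A layer that sends no report at all is the failure most easily missed.
    for layer in MAX_AGE_DAYS.keys() - seen:
        alerts.append(f"{layer}: no status report received")
    return sorted(alerts)

if __name__ == "__main__":
    for line in audit_layers(SAMPLE_REPORTS, today=date(2024, 6, 1)):
        print("ALERT", line)
```

Run on a schedule, a check like this catches the layer that has silently stopped reporting as well as the one that is running with stale signatures.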

Managing against attacks is not a simple task, and it requires time – but the more proactive you are, the better job you do at mitigating your risk, and the safer your business will be.
