I have been talking about perimeter security. Please keep in mind that all of these are on a really high level because frankly I don’t want to bore you to death with details. It is more about awareness and what you can do to keep safe.
I have talked about the router, wireless threats, threats from other sources not commonly thought of and now we get down to the nitty gritty. The desktop itself. I am not even going to go into laptops, pads and the like at this point because that is a discussion point by itself.
I would say one of the most common calls I get is for a malware infection or virus infection. I know what you are thinking. “Mitch, I thought you were teaching us about perimeter defenses here. Don’t you practice that yourself?” I sure do but the fact of the matter is no matter what system I put in place, no matter how much I monitor it, no matter how tight I have that security there is still one factor out of my control. The user.
I get that question a lot. “How did this happen?” Usually I get that before I look at it. It is like saying my car isn’t running right so what is wrong with it. Until the mechanic can do some looking, discovery and digging he can give you a wild guess but not an answer. Almost always the cause of the infection is the user themselves. They clicked on something, plugged in that USB stick or opened an attachment that they shouldn’t have.
Before I get into the whole clicking on something you shouldn’t, I want to stress some precautions that can at least help limit the spread of a virus or keep it from doing a ton of damage, though they aren’t foolproof. First, PATCH that computer. So many of the problems come from companies not putting on those latest updates from Microsoft on the 2nd Tuesday of every month. I am a little cautious with this when it comes to doing a patch for an entire organization. There have been occasions (one fairly recent) when a patch has messed up a machine. I wait a day or two to make sure I don’t have to go backwards fast. Another strategy is to have just a couple of machines in an organization as your testers to make sure nothing will blow it up. Then schedule the rollout. There are many ways you can do this which I will not go into here, but just set your machine for automatic updates if you are a small company.
Second. Keep your firewall turned on. Many times I run into a case where someone installed a piece of software and it didn’t work. They turn off the firewall and forget to turn it back on. (The firewall is another layer of protection. Remember the analogy of the bank and the doors: more doors, only they are on the PC itself.)
Third. Make sure you run some kind of virus scanning. It at least catches the most obvious stuff. The virus scanning programs are becoming less and less effective every day because they have been using that same format and technology for years. The bad guys figured out ways around that a long time ago (again, another subject I could write about for a long time).
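As an added example (not part of the original article), the three precautions above can be checked on a single Windows machine with a short PowerShell script. It assumes a Windows 10/11 client edition; the 35-day patch window is an illustrative threshold chosen here, not a figure from the article.

```powershell
# Added example: checks the three desktop precautions (patching, firewall, virus scanning).
# Assumptions: Windows 10/11 client, PowerShell 5.1 or later. The 35-day window is an
# illustrative threshold (one monthly patch cycle plus a few days of test delay).
$MaxPatchAgeDays = 35
$results = @()

# 1. Patching: how long ago was the most recent update installed?
$lastFix = Get-HotFix |
    Where-Object { $_.InstalledOn } |
    Sort-Object InstalledOn -Descending |
    Select-Object -First 1
if ($lastFix) {
    $age = [int]((Get-Date) - $lastFix.InstalledOn).TotalDays
    $results += [pscustomobject]@{
        Check  = 'Patching'
        OK     = ($age -le $MaxPatchAgeDays)
        Detail = "$($lastFix.HotFixID) installed $age days ago"
    }
} else {
    $results += [pscustomobject]@{
        Check = 'Patching'; OK = $false; Detail = 'No update install date found'
    }
}

# 2. Firewall: every profile (Domain, Private, Public) should be enabled.
#    This catches the "turned it off to install something and forgot" case.
foreach ($fwProfile in Get-NetFirewallProfile) {
    $results += [pscustomobject]@{
        Check  = "Firewall ($($fwProfile.Name))"
        OK     = ($fwProfile.Enabled -eq 'True')
        Detail = "Enabled = $($fwProfile.Enabled)"
    }
}

# 3. Virus scanning: is any product registered with Windows Security Center?
#    Registration shows a scanner is installed, not that its signatures are current.
$av = Get-CimInstance -Namespace 'root/SecurityCenter2' -ClassName AntiVirusProduct `
    -ErrorAction SilentlyContinue
$avDetail = if ($av) { $av.displayName -join ', ' } else { 'No antivirus product registered' }
$results += [pscustomobject]@{
    Check  = 'Virus scanning'
    OK     = [bool]$av
    Detail = $avDetail
}

$results | Format-Table -AutoSize
```

Any row with OK = False is worth a look before the machine goes back to the user.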
Frankly, the best prevention technique today, and probably always, is TRAINING! I am amazed how companies do not train users on the basics of what to click and what not to click. It is kind of like giving your son or daughter a cell phone without teaching the basics of how to stay safe online. Oh wait! That happens too. (Sorry, couldn’t help myself.) Maybe a better analogy is showing someone how to drive without teaching them where the brakes are so they can stop before they hit something. I think you get my drift.
In summary, that desktop is usually the culprit (more like the person using it). It may not be because someone is going to a bad site on purpose but with lack of training and recognition of what they are clicking on it could wind up costing a lot of money and a lot of productivity. I try so hard to get clients to see the benefit. By stopping one bad action through recognition it could save a company literally thousands of dollars and a thousand more headaches. Awareness is the key.