I have been talking about perimeter security. Please keep in
mind that all of these are on a really high level because frankly I don’t want
to bore you to death with details. It is more about awareness and what you can
do to keep safe.
I have talked about the router, wireless threats, threats
from other sources not commonly thought of and now we get down to the nitty
gritty. The desktop itself. I am not even going to go into laptops, pads and
the like at this point because that is a discussion point by itself.
I would say one of the most common calls I get is for a
malware infection or virus infection. I know what you are thinking. “Mitch, I
thought you were teaching us about perimeter defenses here. Don’t you practice
that yourself?” I sure do but the fact of the matter is no matter what system I
put in place, no matter how much I monitor it, no matter how tight I have that
security there is still one factor out of my control. The user.
I get that question a lot. “How did this happen?” Usually I get that before I look at it. It is
like saying my car isn’t running right so what is wrong with it. Until the
mechanic can do some looking, discovery and digging he can give you a wild
guess but not an answer. Almost always the cause of the infection is the user themselves.
They clicked on something, plugged in that USB stick or opened an attachment
that they shouldn’t have.
Before I get into the whole clicking on something you shouldn’t
I want to stress some precautions that can help at least spread a virus or due
a ton of damage but isn’t fool proof.
First PATCH that computer. So many of the problems come from companies
not putting on those latest updates from Microsoft every 2nd Tuesday
of every month. I am a little cautious with this when it comes to doing a patch
for an entire organization. There has been occasion (one fairly recent) when a
patch can mess up a machine. I wait a day or two to make sure I don’t have to
go backwards fast. Another strategy is to have just a couple of machines in an
organization as your testers to make sure nothing will blow it up. Then
schedule the rollout. There are many ways
you can do this which I will not go into here but just set your machine
for automatic updates if you are a small company.
Second. Keep your firewall turned on. Many times I run into
where someone installed a piece of software
and it didn’t work. They turn off the firewall and forget to turn it
back on. (The firewall is another layer of protection. Remember the analogy of
the bank and the doors. More doors only they are on the PC itself)
Third. Make sure you
run some kind of virus scanning. It at least catches the most obvious stuff.
The virus scanning programs are becoming less and less effective every day
because they have been using that same format and technology for years. The bad
guys have figured out ways around that a long time ago (again.. another subject
I could write about for a long time)
Frankly the best prevention technique today and probably
always will be is TRAINING! I am amazed how companies do not train users on the
basics of what to click and what not to click. It is kind of like giving your
Son or Daughter a cell phone without teaching the basics of how to stay safe
online. Oh wait! That happens too.
(Sorry, couldn’t help myself) Maybe a better analogy is showing someone how to
drive without teaching them where the brakes are so they can stop before they
hit something. I think you get my drift.
In summary, that
desktop is usually the culprit (more like the person using it). It may not be
because someone is going to a bad site on purpose but with lack of training and
recognition of what they are clicking on it could wind up costing a lot of money
and a lot of productivity. I try so hard
to get clients to see the benefit. By stopping one bad action through recognition
it could save a company literally thousands of dollars and a thousand more
headaches. Awareness is the key.