This blog post addresses malware, viruses, protection, and what you can do to minimize the impact that malicious software has on your business.
First, a bit of background; there are several categories of malicious activity on corporate and business networks. Viruses and Malware are software that installs on workstations within a network and either will attempt to capture information, disable the system through malicious means, or turn your PC into a “bot”. The class that tries to capture information can do this via transmitting data from a PC out to the web, or more frequently, through attempting to con information out of you. You may have seen something like this with malware that disguises itself as an antivirus program and requests a credit card number to clean your system, the end goal of the entire package being to capture your credit card info when you give it to them. The “bot” class of infection often lies dormant until called upon from a controlling system on the internet to activate a workstation as part of a network of systems designed to yield massive amounts of processing power to the authors of the virus. These “botnets” can be used to launch attacks on other networks, send spam, and hack into other systems. In addition to these situations, there are occasions when a third party will try to hack into your network directly. This is unusual but does occasionally happen.
All this said the best defense you have against any kind of attack is having a solid virus protection package and a rugged firewall on your network. This combination will help to fend off incoming and outgoing malicious traffic, while attempting to make sure that the workstations on your network don’t become infected with malicious software. Your workstations should be protected by a solid malware and virus protection package such as AVG or Kaspersky Antivirus. These are fairly robust antivirus packages and should help to prevent the initial or continued infection of a workstation. We are currently recommending Kaspersky security products in most cases as this software provides very solid protection while allowing finite configuration of the protection to accommodate a network’s needs. In addition to protecting the workstations on a network from infection, you should also have a strong firewall in place. Our recommendation is to use SonicWall devices in most situations as they provide an excellent feature set and performance for the price. This will help to prevent common types of port scans and malicious traffic from entering your network from the outside and help to prevent maliciously generated traffic from infected stations from leaving the network. In addition to the Antivirus and Firewall protection, we also recommend running windows updates through a WSUS server or using our MSP offering. This helps to ensure that any security vulnerabilities identified by Microsoft are addressed as quickly as possible with little or no impact to your daily work.