Use anti-virus software
Install anti-virus software on all of your desktops and servers, and ensure
they are kept up to date. Because new viruses can spread extremely quickly, it
is important to have an updating infrastructure in place which can update all
the computers in your company seamlessly, frequently, and at short notice.
Run a consolidated email filtering solution at your email gateway as well to
protect your business from the threats of email-borne viruses and spam.
PUREMAIL a managed email security service from
Computerstuff, checks all email traffic passing through your email server,
providing an extra layer of protection against mass-mailing worms and viruses
at the gateway.
And don't forget to protect your laptop computers and desktop computers used
by home workers. Ensure they are running up-to-date virus protection as viruses
and worms can easily use these devices to enter your business.
Use PUREMAIL filtering
We filter potentially malicious emails at the server level, as this can
provide a level of pro-active protection against new virus threats.
PUREMAIL will:
Block file types that are often virus carriers
These include EXE, COM, PIF, SCR, VBS, SHS, CHM and BAT file types. It is
unlikely that your organisation will ever need to receive files of these
types from the outside world.
Block any file with more than one file type extension
Some viruses attempt to disguise their true executable nature by using
"double extensions". Files such as LOVE-LETTER-FOR-YOU.TXT.VBS or
ANNAKOURNIKOVA.JPG.VBS may appear to be ASCII text or a harmless graphic to
the inexperienced.
Block any file with embedded scripts or Iframes This catches HTML-based email with embedded Scripting code, Javascript or IFRAMEs which can run remote executable content on some email programs and are therefore dangerous.
Stay informed about the latest virus threats
Subscribe to Anti-virus mailing lists for up-to-date information on the latest virus
threats, support information, and new product developments.
Protect the gateway and remote users with firewalls
Computers connected to the outside world should be properly protected from
internet threats via firewalls. Laptops and remote home workers should be
included; they will also need firewall protection and might not be able to take
advantage of a central firewall inside your business.
Stay up-to-date with software patches
Many software vendors issue advisories on security issues. For instance,
Microsoft runs a mailing list which warns of security loopholes and issues found
in Microsoft's software and advises on patches which are available for protection.
The IT department should subscribe to such mailing lists, and act upon the advisories as appropriate.
When a new security hole is found in an application or operating system, and a
patch is available, organizations should have an infrastructure for testing the
patch works properly and rolling that patch out across their user base. Some
vendors may provide automatic patch updating for home users, and such systems
may be appropriate for updating your mobile workforce and remote home workers
with the latest security fixes.
Back up your data regularly
Make regular backups of important work and data, and check that the backups
were successful. You should also find a safe place to store your back-ups,
perhaps even off-site in case of fire.
Disable booting from floppy disks
Although they are not as commonly encountered as they used to be, boot sector
viruses can still affect computers and yet can be easily countered. Change the
CMOS bootup sequence on PCs so that rather than booting from drive A: if you
leave a floppy in your machine, you boot by default from drive C: instead. This
should stop all pure boot sector viruses (like Form, CMOS4, AntiCMOS, Monkey,
etc) from infecting you. Should you need to boot from a floppy disk the CMOS can
easily be switched back.
Introduce an anti-virus policy
Produce a policy for safe computing and distribute it to all staff. Make sure
every employee has read and understood the policy, and that they know who to
speak to, if they have any questions.
Such a policy could include:
A ban on downloading executables and documents directly from the internet.
A ban on running unsolicited executables/documents/spreadsheets within the organisation.
A ban on playing computer games or using screensavers which did not come with the operating system.
An IT checking and approval system for executables that arrive via email from the outside world.
It could also ask staff to do the following:
Save all Word documents as RTF (Rich Text Format) files as DOC files can harbour macro viruses.
Treat with suspicion any newly arrived email that they weren't expecting.
Forward any virus warnings or hoaxes directly to IT (and no-one else) to confirm whether they are genuine or not.
Staff should inform IT immediately if they think their computer has been infected with a virus.