Editorial: Don't Let Viruses Knock You Out - Page 2
First, make sure that you have a filter on your e-mail gateway that examines any kind of MIME attachment or executable. Next, don't allow any e-mail clients to launch attachments without user intervention. (Don't forget that these attachments can be made to look as if they're innocuous -- Nimda, while carry a payload named "readme.exe", set it up as a MIME attachment that made it look like a .WAV sound file. And also don't forget that .dll files are executables.) Similarly, be aware of any and all users who are set up with network sharing or other peer-to-peer capabilities. These can be major points of failure in network security.
Then, make sure that your users are well-informed. Talk to your HR department about including a FAQ sheet regarding e-mail attachments and viruses when they give out their Welcome Wagon kits, along with their company manuals and insurance information. Send out regular notices (at least quarterly) to all users advising them on how to stay clean. Consider using system recovery software on local machines, such as Microsoft's System Restore, built into Windows ME and other recent Windows variations, or Roxio's GoBack. These programs of late have become transparent background processes to run, and can effect a speedy return of the system and data.
And most importantly, make sure that you scan and backup, backup, backup. Be sure that you are acquiring and deploying all the latest security patches for servers and end-user computers.
At worst, you might have to take a network offline for a couple of hours. But I have to wonder why I continue to read headlines about how many businesses were knocked out by viruses for so long. Again, in most every instance, it is the IT Department who took the network offline -- not the virus itself. I read those headlines as meaning that somebody simply wasn't doing their job.
Regarding larger threats involving telecommunications disruptions, see our article, Assuring Business Data Continuity.
Jim Freund is the Managing Editor of CrossNodes.