The RSA 2011 Cybercrime Trends Report suggests that cybercriminals are shifting from using malware to target consumer desktops to targeting employees in the enterprise. This Network World article says that contributing factors include employee mobility, the use of social sites and user-driven IT. Taking the topic to experts, Symantec provides a checklist of best practices for stopping malware and other threats in this security-focused article.
“Block P2P usage. The simplest method for distributing malware is hidden inside files to be shared on peer-to-peer (P2P) networks. Create and enforce a no-P2P policy, including home usage of a company machine. Enforce the policy at the gateway and/or desktop, for example, by blocking the main executable file of an unwanted application.
“Turn off Windows AutoRun (AutoPlay). Stop Conficker, Downadup and other network based worms from jumping from USB keys and network drives without changing company polices on Open Shares. Get specific details on this tip from Symantec and from Microsoft.”