Security News Article Week 2
Inoculate against cyber-viruses
Along with the increase in e-commerce we have seen an increase in cyber criminals, viruses, worms, and spyware. Christin Whittington of the Gwinnett Business Journal has documented seven cures that will give IT professional the ability to ward off viruses, cyber thieves, and “malware” (malicious software).
- Install a firewall and an anti-virus program… In addition to firewalls and antivirus programs IT professionals need to keep their software updated. According to the Computer Security Institute’s CSI/FBI 2006 Computer Crime and Security Survey, 97 % of the respondents used both firewall and anti-virus software. Seventy-two percent of respondents reported attacks on their computer systems – mostly from viruses. Companies who where able to quantify losses reported an average cost of $69,125 from a virus attack. Firewall services help to ensure the integrity of a company’s data.
- Employ an intrusion detection system. Intrusion detections systems aide in blocking worms and “denial of service” attacks. Intrusions detection systems also help ensure the integrity of data by preventing intentional attempts to alter data.
- Use anti-sypware programs regularly to clean away malware on computer within the network. Spyware can be downloaded when an unsuspecting user opens a malicious Web Site or clicks on a pop-up. Spyware can consume bandwidth increasing network latency. Regular cleaning spyware from computer will help eliminate unwanted spikes in network latency and ensure network availability.
- Use Web filters to prevent employees from visiting malicious Web sites. Web filters will block employees from downloading sypware and prevents employees from visiting web sites prohibited by company policy i.e. pornography web sites.
- Require stronger password identification methods to guard against unauthorized users gaining access to your network and confidential information. This article recommends the deployment of secure tokens i.e. RSA tokens.
- Encrypt Data in both transit and storage. This is important due to the recently publicized theft of laptops that contained confidential information. Using encryption will ensure the confidentiality of private company information.
- Install patch updates regularly. Vendors regularly provide patches in order to repair discovered vulnerabilities. It is recommended that patches be tested to ensure that no impediment will hamper normal system operations and network up time will be maintained.
Whittington offers IT professional’s references to independent testing organizations that evaluate vendors’ products including firewalls, antivirus, anti-spyware and intrusion prevention systems, along with certification reports:
“The research organization Gartner conducts periodic evaluations of products and services, including outsourcing to managed security service providers. “
Reference:
http://www.gbj.com/content.cfm?Action=story_detail&StoryID=1712