SANS 20 Critical IT Security Controls: #12: Malware Defenses

One of the most vulnerable security areas is malicious software that hackers piggyback on to steal your data. Companies may suddenly find their E-Mail systems hacked because an employee unwittingly opened a malicious email attachment. Hackers target companies through malicious software that gains entry to your system though email attachments, web browser and mobile devices.

To counteract malware, you must use antivirus and anti spyware software. Tools such as this can detect malware and block their execution. If you want to get the most out of these anti malware tools, you must ensure that your security folks are updating the software on a daily basis – antivirus software that’s not actively updated is only going to fool you into thinking that you’re protected, when you really aren’t. Do not rely on your users to keep the anti-malware tools up to date. You must automate the update process for all malware detection tools. Administrators must also trap all malware detection events to the anti-malware administration tools and event log servers.

Employees may often use thumb drives and other removable media to work. You must ensure that your computer systems (including laptops) don’t automatically run connect from any type of removable media. You must configure all your systems to run an automatic anti-malware scan of any removable media before allowing their use in any computer system.

Companies must also ensure they have a strong Intrusion Detection System (IDS) in place to protect against malware attacks. You must also deploy honey pots or tar pits to trap attacks on your system. Before any of your employees can connect from an external source, make sure that you test their machines for compliance with your security policy, before letting them log on to your enterprise systems.

Leave a Comment

Your email address will not be published. Required fields are marked *


Contact Us

If you have an urgent question regarding your software licensing or a software audit, please contact Miro right away.

(732)738–8511 x1208
Use the chat box on the right

About Us

Miro is a leading global provider of software asset management services, specializing in license management, audit advisory, negotiation tactics, support management, and cloud services. We help our clients maximize ROI on their software license investments, stay in compliance, and minimize the impact of audits. Miro's performance guarantee promises that our long-tenured, diverse, and passionate team of expert analysts provides insightful and actionable advice to help our clients achieve the best possible outcomes.

Performance Guarantee

Miro’s no risk Performance Guarantee is that the amount of cost savings that we uncover will be more than our fees.


Managed Services for Oracle Licensing

Miro’s Managed Services for Oracle licensing is a best practice approach for an organization to optimize and outsource the practice of Software Asset Management to specialized external experts to ensure the organization’s compliance with vendor rules and policies.

Learn More