SANS 20 Critical IT Security Controls: #12: Malware Defenses

Malicious software is one of the most common vehicles hackers use to steal your data. Companies may suddenly find their email systems hacked because an employee unwittingly opened a malicious email attachment. Hackers target companies with malicious software that gains entry to your systems through email attachments, web browsers and mobile devices.

To counteract malware, you must use antivirus and anti-spyware software. Tools such as these can detect malware and block its execution. To get the most out of these anti-malware tools, you must ensure that your security staff update the software on a daily basis. Antivirus software that’s not actively updated only fools you into thinking that you’re protected when you really aren’t. Do not rely on your users to keep the anti-malware tools up to date; automate the update process for all malware detection tools. Administrators must also forward all malware detection events to the anti-malware administration tools and event log servers.

Employees often use thumb drives and other removable media for work. You must ensure that your computer systems (including laptops) don’t automatically run content from any type of removable media. You must also configure all your systems to run an automatic anti-malware scan of any removable media before allowing its use.

Companies must also ensure they have a strong Intrusion Detection System (IDS) in place to protect against malware attacks. You must also deploy honeypots or tar pits to trap attacks on your system. When employees connect from an external source, test their machines for compliance with your security policy before letting them log on to your enterprise systems.
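The checks described above (daily signature updates, no autorun, automatic scanning of removable media, and a compliance test before a machine is allowed to connect) can be expressed as a small posture audit. This is an added example, not part of the original article; the CSV column names, host names and the 24-hour threshold are assumptions, and the inventory is constructed sample data.

```python
import csv
import io
from datetime import datetime, timedelta, timezone

# Assumed policy value: "updated on a daily basis" read as at most 24 hours old.
MAX_SIGNATURE_AGE = timedelta(hours=24)

# Constructed sample inventory export (hypothetical columns and hosts).
SAMPLE_INVENTORY = """\
host,signatures_updated,autorun_disabled,removable_scan
lt-001,2024-05-14T06:00:00+00:00,yes,yes
lt-002,2024-05-10T06:00:00+00:00,yes,yes
ws-003,2024-05-14T07:30:00+00:00,no,yes
ws-004,,yes,no
"""

def check_host(row, now):
    """Return the list of policy failures for one inventory row."""
    failures = []
    raw = (row.get("signatures_updated") or "").strip()
    try:
        updated = datetime.fromisoformat(raw)
        if updated.tzinfo is None:
            updated = updated.replace(tzinfo=timezone.utc)  # assume UTC if unlabeled
        if now - updated > MAX_SIGNATURE_AGE:
            failures.append("stale signatures")
    except ValueError:
        # Missing or unparsable timestamp: fail closed, never assume "fresh".
        failures.append("signature age unknown")
    if (row.get("autorun_disabled") or "").strip().lower() != "yes":
        failures.append("autorun enabled")
    if (row.get("removable_scan") or "").strip().lower() != "yes":
        failures.append("no removable media scan")
    return failures

def audit(inventory_csv, now):
    """Map each non-compliant host to its failures; compliant hosts are omitted."""
    report = {}
    for row in csv.DictReader(io.StringIO(inventory_csv)):
        failures = check_host(row, now)
        if failures:
            report[row["host"]] = failures
    return report

if __name__ == "__main__":
    now = datetime(2024, 5, 14, 12, 0, tzinfo=timezone.utc)  # fixed for the sample
    for host, failures in audit(SAMPLE_INVENTORY, now).items():
        print(f"DENY {host}: {', '.join(failures)}")
```

A host with no recorded update time is reported as non-compliant rather than skipped, so an agent that has stopped reporting cannot pass as up to date.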
