Over the past 2 years, I’ve seen the rate of malware attacks climbing at an accelerated rate. This is due in large part to the evolution of malware as a lucrative crime, combined with sophisticated, easy-to-use platforms that are designed for and marketed to non-technical users. Previously, successful viruses and their code were jealously guarded and the purview of an elite “cadre” of hackers who would advertise their creations as badges of honor. Now this same cadre of malware programmers is racing to bring product to a highly competitive market. Malware is a business, and business is good.
What this means for you:
It’s not just an assumption that you will be targeted by malware. It’s most likely a fact. Malware makes its handlers money by casting the widest net possible, which means everyone is a target, and the attack platform that can prey on the most victims wins. With that in mind, the safest mindset to adopt is that your technology will be or already is under attack, and you must gird yourself for the onslaught. Here are 3 ways to prepare, plus one less-obvious way that may or may not be practical for most organizations:
- Install a good firewall on your network periphery. Though most ISP-provided routers come with some basic firewall functionality, your business or organization should be protected by a professionally managed firewall that can provide what’s known variously as “Unified Threat Management” or “Gateway-based Defense”. In a nutshell, these devices sit on the entry point of your organization’s internet connection and monitor all data going in and out, scanning for malware, hacking attempts, objectionable content and spam. This is your first line of defense, and if maintained properly, it can protect you from numerous threats 24/7/365.
- Use effective malware protection on your vulnerable technology. Even assuming you have some sort of protection on your network periphery, there are still plenty of ways for malware to get inside your network, and once it is “inside the gate”, your computer or server’s only protection from a really bad day is the anti-malware you’ve installed locally. This software should have some form of active protection (always-on scanning, port blocking, etc.) and should not be something that has to be run in order to detect or clean up a malware incursion. If malware isn’t detected and handled the moment it approaches your computer, it’s too late.
- Back up your data. Sad as this fact is, no anti-malware is 100% effective. Your machine will get infected and at that point, the only way you don’t lose this battle is if your data is backed up and isolated from infection. This means offsite backups, with at least 7 days of historical versions just in case the backup software unknowingly backed up infected files (which it can and will do if you don’t catch it quickly enough).
- Disconnect from the internet. If the above 3 items are beyond the reach of your organization for either budgetary or technical reasons, this rather drastic alternative is very effective. Even though it may be impractical for most companies, approaching the problem from this perspective may lead to some creative changes in operations and employee behavior. As a simple example: block access to social media sites on work computers, but provide separate, isolated Wi-Fi for mobile devices so that employees can scratch that itch on their own devices.