
How to avoid viruses, Trojans, worms and spyware
Protecting your company from viruses and other malware is important. Use these guidelines to keep your business running virus-free.
Use anti-virus software
Install anti-virus software on all your desktops and servers, and ensure it is kept up to date. New viruses can spread extremely quickly, so have an updating infrastructure in place that can update all the computers in your company seamlessly, frequently, and at short notice.
Run email filtering software at your email gateway as well, in order to protect your business from the threats of email-borne viruses, spam and spyware. And don’t forget to protect your laptop computers and desktop computers used by home workers. Viruses, worms and spyware can easily use these devices to enter your business.
Block file types that often carry viruses
These include EXE, COM, PIF, SCR, VBS, SHS, CHM, and BAT file types. It is unlikely that your organization will ever need to receive files of these types from the outside world.
Block files with more than one file-type extension
Some viruses disguise the fact that they are programs by using a double extension, such as .TXT.VBS, after their filename. At first glance a file like LOVE-LETTER-FOR-YOU.TXT.VBS or ANNAKOURNIKOVA.JPG.VBS looks like a harmless text file or a graphic. Block any file with a double extension at the email gateway.
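One way an email gateway could apply the two blocking rules above (the file-type list and the double-extension check), as an added Python example that is not part of the original Sophos text. The function names, the rule for what counts as an extension, and the sample message are assumptions made for illustration.

```python
import re
from email import message_from_string, policy

# File types the text above says to block at the gateway.
BLOCKED = {"exe", "com", "pif", "scr", "vbs", "shs", "chm", "bat"}
# Assumption: an extension is 1-4 letters/digits containing at least one letter,
# so "v1.2.pdf" or "q3.2024.report.docx" do not count as double extensions.
EXT_RE = re.compile(r"(?=.*[a-z])[a-z0-9]{1,4}")

def verdict(filename):
    """Return a block reason for an attachment name, or None to allow it."""
    # Normalise case and trailing dots/spaces, which Windows ignores on open.
    name = filename.rstrip(". ").lower()
    exts = []  # extension-like suffixes, last one first
    for part in reversed(name.split(".")[1:]):
        part = part.strip()
        if not EXT_RE.fullmatch(part):
            break
        exts.append(part)
    if not exts:
        return None
    if exts[0] in BLOCKED:
        return "blocked type ." + exts[0]
    if len(exts) > 1:
        # "Block any file with a double extension": this also stops names such
        # as archive.tar.gz, so exceptions are a local policy decision.
        return "double extension ." + ".".join(reversed(exts))
    return None

def scan(raw_message):
    """Return {filename: reason} for every attachment the rules would block."""
    msg = message_from_string(raw_message, policy=policy.default)
    hits = {}
    for part in msg.walk():
        name = part.get_filename()  # Content-Disposition filename, if any
        reason = verdict(name) if name else None
        if reason:
            hits[name] = reason
    return hits

# Constructed sample message with one disguised script and one plain PDF.
SAMPLE = "\n".join([
    "MIME-Version: 1.0", 'Content-Type: multipart/mixed; boundary="b1"', "",
    "--b1", "Content-Type: text/plain", "", "See attached.",
    "--b1", 'Content-Disposition: attachment; filename="ANNAKOURNIKOVA.JPG.VBS"', "", "x",
    "--b1", 'Content-Disposition: attachment; filename="report.pdf"', "", "x",
    "--b1--", ""])

if __name__ == "__main__":
    print(scan(SAMPLE))
```

The double-extension rule catches names such as invoice.pdf.js whose final extension is not on the blocked list, which is why the text recommends both checks.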
Ensure all programs are checked by the IT department
Ensure that all programs received from the outside world via email go directly to your IT department or, in the case of small businesses, your IT person, for checking and approval. They can confirm that each program is virus-free, properly licensed, unlikely to conflict with existing software, and suitable.
Subscribe to an email alert service
An alert service can warn you about new viruses and offer virus identities that will enable your anti-virus software to detect them. Sophos has a free alert service. Consider adding a live virus information feed to your website or intranet to ensure your users know about the very latest computer viruses.
Use a firewall on computers connected to the internet
You should use a firewall to protect computers that are connected to the outside world. Laptops and home workers will also need firewall protection.
Stay up to date with software patches
Watch out for security news and download patches. Such patches often close loopholes that can make you vulnerable to viruses or internet worms. IT managers should subscribe to software vendors’ mailing lists, like Microsoft’s. Home users who have Windows computers can visit windowsupdate.microsoft.com, where they can scan their PC for security loopholes and find out which patches to install.
Back up your data regularly
Make regular backups of important work and data, and check that the backups were successful. You should also find a safe place to store your backups, perhaps even off-site in case of fire. If you are infected with a virus, you will be able to restore any lost programs and data.
Disable booting from floppy disks
Boot sector viruses are rarely seen now, but you may want to protect yourself from them. Change the bootup sequence on PCs so that they always boot from the hard disk first, rather than trying to boot from floppy disk (drive A:). Then, even if an infected floppy disk is left in the computer, the computer cannot be infected by a boot sector virus. Should you need to boot from a floppy disk, the setting can easily be switched back.
Introduce an anti-virus policy
Produce a policy for safe computing in the workplace and distribute it to all staff. Such a policy could include:
- Don’t download executables and documents directly from the internet.
- Don’t open unsolicited programs, documents or spreadsheets.
- Don’t play computer games or use screensavers which did not come with the operating system.
- Submit email attachments to the IT department for checking.
- Save all Word documents as RTF (Rich Text Format) files, since DOC files can harbor macro viruses.
- Treat any unexpected email with suspicion.
- Forward virus warnings or hoaxes directly to IT (and no-one else) to confirm whether they are genuine or not.
- Inform IT immediately if you think your computer may have been infected with a virus.
From “Sophos A to Z of computer security”