Protect your files from Viruses
With more than 45,000 known viruses and many new and altered
viruses being discovered every day, you need accurate, up-to-date
information at your fingertips. The virus threat is real. It
is not the world-shattering problem sometimes outlined in the
pages of the press; nor is it the non-existent 'urban myth'
suggested by others. Many 'in the wild' viruses cause no damage;
but a significant number are specifically designed to cause
data loss. It is important to identify those areas of the company
which interface with the outside world; and which are the likely
source of a virus infection. The appropriate anti-virus tools
should be selected, designed to provide a layered defense of
the system (perimeter defenses, in-depth protection of laptop
PCs, desktop PCs and servers, etc.). It is important to look
at the way data is handled within your company; and to take
routine precautions to minimize the risk of infection.
What is a Virus?
A virus is a piece of self-replicating code; in other words, it
is software which is designed to copy itself. Boot sector viruses
infect the boot sector of floppy disks and the partition sector
[or, in some cases, the boot sector] of hard disks, when the
PC is booted from an infected floppy disk. Executable file viruses
infect program files, on local drives or network drives. Macro
viruses infect the macros within document and spreadsheet files.
In addition to the code necessary for the virus to copy itself,
most successful 'in the wild' viruses try to conceal themselves
from users and from anti-virus programs [if a virus quickly
draws attention to itself, it is unlikely to spread very far].
Some viruses contain a payload; this may be anything from a
screen display or message to damage to data files. However,
not all viruses contain a payload. If the virus does contain
a payload, there must be a trigger which causes the virus to
deliver its payload. The trigger may be a particular system
date, the number of re-boots, the number of floppy disks infected
or something else which software can be designed to do.
Identifying the Threat
You can't manage what you can't measure! In order to implement an
effective anti-virus strategy, it is essential to identify the
sources of any possible virus infection. You should consider
the following:
- Floppy disks and CDs brought into your business [including
shrink-wrapped software from original manufacturers and disks
from other organizations (suppliers, marketing agencies, etc.)]
bring with them the risk of virus infection. The movement
of floppy disks and CDs between different sites within a company
may also help to spread a virus. Boot sector viruses [which
spread via floppy disks] are still common; and viruses have
been found on CDs.
- Desktop PCs used at home [and laptop PCs] are a potential
source of virus infection. The use of laptop PCs, in particular,
has become commonplace in the last few years. Floppy disks
and CDs used in these PCs may not have been checked for viruses.
And the employee may not be the only person using the PC [spouse,
children, friends, etc.]. It is important to recognize that
these PCs, which are not under the direct control of a company,
may be more exposed to virus infection than those which are
under the direct control of the company.
- The use of e-mail within corporate organizations provides
an effective way for viruses to spread. It is not possible
to become infected by a virus simply by reading a text message;
however, e-mail attachments are a potential threat. Since
the advent of macro viruses, which infect documents and spreadsheets,
e-mail has become a very effective mechanism for spreading
viruses. If a document or spreadsheet is infected, it can
become widespread very quickly by being attached to an e-mail
message. This is true even of an e-mail system with no connection
to the outside world. If users are able to send and receive
e-mail via the Internet, the threat becomes even greater.
- Use of the Internet is a further potential source of infection.
If any users within a company have direct access to the Internet
[this includes access to CompuServe, America Online, the World
Wide Web, etc.] they are able to download a vast range of
material [including programs and documents] . . . all potentially
infected. Any file downloaded could contain a virus. Unprotected
access to the Internet can provide a virus with a springboard
within your company.
Minimizing the Virus Threat
There are several steps you can take to minimize the risk of your
company becoming infected by a virus and, if a virus does breach
your defenses, to minimize the risk of data loss:
1. Taking regular backups of data on your system is the most important precaution you can
take against data loss, whether that data loss is the result
of hardware or software malfunction, or virus infection. It
is important to ensure that you are able to restore data from
these backups. You should also ensure that you have clean copies
of all your executable files on floppy disks [these disks should
be kept write-protected].
2. You should ensure that ALL incoming software comes from reputable
sources. It is a common, though mistaken, belief that shareware,
free disks or games are the only source of viruses: while such
software can be a source of viruses, it is the source - NOT
the function - of software which is important [viruses have
been found on shrink-wrapped software distributed by major companies,
and on disks sent out with hardware]; the playing of games is
primarily a management issue, rather than a virus issue 'per
se'. For this reason, ALL incoming floppy disks should be checked
for viruses.
3. Floppy disks are a common means by which viruses are spread [boot sector
viruses, which represent a large proportion of the viruses,
can be spread only on floppy disks]. The management
of workstations, particularly in relation to the use of
floppy disks, can help to minimize the risks of infection by
boot sector viruses.
- Cultivate the habit of write-protecting floppy disks, wherever possible,
to prevent virus infection.
- Discourage users from leaving floppy disks in the drive when PCs are
switched off, to prevent PCs from being inadvertently booted
from a floppy disk infected with a boot sector virus.
- If users do accidentally boot from a diskette, encourage them
to power-off and re-start the PC, rather than continuing the
boot process.
4. Network management can go a long way towards preventing the infection of files
stored on a network. The system administrator can do a lot to
protect a network against the possibility of virus infection,
simply by making use of the built-in security features offered
by most network software. When a user logs in to the network,
the network software checks, by means of a password, to see
what rights have been assigned to that user by the network supervisor.
If there is a virus memory resident on that user's PC, it has
only the same rights as the logged-in user. By setting files
to 'execute-only', the network supervisor can ensure that users
are able to run software without being able to change it; and
if the user is unable to change software, then so is the virus
[this may also be done for data files, by setting them to 'read-only'].
The situation is different on the workstation itself: here the
user is able to change file attributes, using routines made
available by the operating system; and if the user is able to
do this, then so is any virus which is memory resident on that
user's PC.
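The 'execute-only' idea above, as an added example that is not part of the original page: a Python audit that walks a shared program directory and reports programs or directories which ordinary users could modify. It assumes a POSIX-style file server where the administrator owns the files and users reach them through the group/other permission bits; the function names and the sample tree are constructed for illustration.

```python
import os
import stat
import tempfile

# Assumption: the administrator owns the files; ordinary users (and any
# virus running with their rights) get the group/other permission bits.
USER_WRITE = stat.S_IWGRP | stat.S_IWOTH
ANY_EXEC = stat.S_IXUSR | stat.S_IXGRP | stat.S_IXOTH


def audit_share(root):
    """Return sorted (relative_path, reason) pairs for risky entries under root."""
    findings = []
    for dirpath, dirnames, filenames in os.walk(root):
        for name in dirnames + filenames:
            path = os.path.join(dirpath, name)
            mode = os.lstat(path).st_mode  # lstat: do not follow symlinks
            if not mode & USER_WRITE:
                continue  # users cannot change it, so neither can a virus
            rel = os.path.relpath(path, root)
            if stat.S_ISDIR(mode) and not mode & stat.S_ISVTX:
                # A writable directory lets users replace even read-only files.
                findings.append((rel, "directory writable by users"))
            elif stat.S_ISREG(mode) and mode & ANY_EXEC:
                findings.append((rel, "program writable by users"))
    return sorted(findings)


def build_sample_share(root):
    """Constructed sample tree: (path, is_dir, mode) entries, not real data."""
    layout = [
        ("apps", True, 0o755),
        ("apps/editor", False, 0o555),   # read and execute only: good
        ("apps/report", False, 0o775),   # group can rewrite the program
        ("drop", True, 0o777),           # anyone can add or replace files
        ("drop/notes.txt", False, 0o664),  # writable data file, not a program
    ]
    for rel, is_dir, mode in layout:
        path = os.path.join(root, *rel.split("/"))
        if is_dir:
            os.mkdir(path)
        else:
            open(path, "w").close()
        os.chmod(path, mode)  # chmod so the umask does not alter the mode


if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as share:
        build_sample_share(share)
        for rel, reason in audit_share(share):
            print(f"{reason}: {rel}")
```

Writable data files are deliberately not reported, since users normally need to change them; only programs and the directories that hold them are checked.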
Anti-Virus Tools
It is important that your company is equipped with the right tools
with which to implement an effective anti-virus strategy. Such
a strategy should be based on the prevention of virus infection,
the earliest possible detection of any virus which breaches
your company’s outer defenses and, should a virus spread within
your business, recovery and a return to normal business, as
quickly as possible. You should consider the following when
selecting which tools to use. The tools described below are
designed both for prevention and early detection
of viruses.
- If a specific PC is used to check incoming floppy disks
and CDs, this will provide early detection of a virus, before
the infected floppy disk or CD is used within the company’s
main system. The specified PC should be stand-alone [to avoid
the risk of a virus infecting the network]. In a large company,
it may be advisable to use several specified PCs [one per
building, one per department, etc.].
- All PCs should be protected with an Anti-Virus scanner to
provide the first layer of protection. The scanner will scan
disks and files before they are used. The user will be given
a pop-up warning, to identify the virus; and the user will
not be able to use the infected disk or file. Scanners provide
protection for floppy disks, local hard disks and network
drives. Some scanners may be configured to auto-disinfect,
so that disks and files may be cleaned automatically, on detection.
This makes anti-virus management easier [virus removal is
carried out automatically, rather than by your technical person].
Some scanners may be configured to log all virus incidents,
allowing you to monitor them.
- Network servers should be effectively protected [programs
and documents may be located on shared network drives; if
they become infected, a virus will be able to spread via the
network]. At the very least, network drives should be scanned
regularly from a system administrator's PC.
- The increased use of e-mail systems and the threat from
e-mail attachments [mainly infected Word for Windows documents]
means that a virus can spread very quickly throughout a company.
If a company has an e-mail connection to the Internet, this
threat increases dramatically. Although some scanners will
prevent access to infected e-mail attachments, this still
leaves the logistical problem of removing the infected e-mail
attachment from the mail-server [and the possibility of an
unprotected workstation becoming infected]. This risk can
be minimized by scanning e-mail as it enters [or leaves] the
company. If e-mail is filtered in this way, it reduces the
risk of a virus reaching any of the workstations. This adds
an additional layer of protection, at the perimeter. However,
it does not eliminate the need for Anti-Virus Scanners on
the workstations; remember that e-mail is not the only method
by which viruses can enter a business [floppy disks, direct
dial-up to the Internet].
What Users Need to Know
The anti-virus tools deployed throughout your company are the most
effective means of preventing the infection and spread of a
virus. The company’s 'perimeter defense' minimizes the risk
of a virus entering the company. The company’s 'in-depth', desktop
protection operates in the background, preventing access to
infected disks and files with minimal input required from the
user. Server protection adds a secondary layer of defense 'in-depth';
and makes it easier to administer the anti-virus strategy.
The more your anti-virus strategy can be lifted out of the hands
of your users, and the more automated the anti-virus scanning,
the easier it will be to manage. Remember that users are fallible;
and that, in their eyes, 'the virus problem' is the company’s
problem.
Nevertheless, any comprehensive anti-virus policy should include guidelines
for users, outlining the ways in which they are expected to
handle data so as to minimize the risk of infection. You should
consider the following.
1. The company should specify a series of rules, defining how data should be handled within the company. These
rules should be simple and clear, or they will not be read and/or
understood by users. They should specify what users must, or
must not, do. Examples of such rules might be:
- only authorized software should be used within the
company [complete with details of what is meant by 'authorized'];
- all virus incidents should be reported to a specified
Department;
- employees should take reasonable precautions to avoid
the possibility of virus infection [where 'reasonable
precautions' means following the specified rules and
procedures]. It should be considered a breach of company
discipline if employees fail to comply with the specified
rules and procedures. Remember that if you do not specify
such rules, it will be very difficult to take disciplinary
action against anyone who willfully [or recklessly]
breaches your anti-virus defenses.
2. The procedures which employees should follow, when handling data, should be clearly
outlined. For example, clear details should be given on how
incoming floppy disks and CDs should be checked; and whether
this is to be done on a separate PC, or by the users themselves.
3. You should consider providing some form of education
for users. It is inadvisable to make such 'virus awareness'
or 'security' training too intense; the message should be simple
and clear. Users should be made aware of the possible consequences
of a virus infection. If users understand the way a virus could
impact on them, they are more likely to follow the rules and
procedures designed to keep the company virus free.