Gone are the days when a careless user would infect their machine with a rogue floppy disk, and we’d all look on in dismay as the data disappeared and the monitor went blank.
It may have even added a modicum of excitement into an otherwise tedious day. However, we can no longer afford to simply look on in horror. Now we have a far bigger problem to contend with, viruses have found a ticket to ride. It's simple - have email, will travel!
Even with the most up-to-date virus signatures, gateway and workstation protection, the blighters get through, so where are we going wrong? It could be the vast array of solutions that promise to stop all malicious code (whether known or unknown) from entering our systems, which is confusing the matter further. But whatever it is, the corporate world is still being caught with its pants well and truly down. We can't blame the developers of computer security software for the confusion; they deliver the goods and if we take them up we need to also instigate other changes into our business practices to make them work. The saying "man cannot live by bread alone" applies to many situations and this is one of them. There are no miracle cures, just commonsense, a few stable solutions, and the will to win. We need to reduce the risks and provide a structured approach to the problem using different tools to protect various problem areas.
Analyzing the legitimate email use of you and your employees, and stopping unauthorized activity, will help to control a certain number of these vulnerable areas. However, once you've decided what you actually use, and more importantly, need, your corporate email for, then it's about time you ensured no other use is permitted. If you don't have any need for documents with a certain extension, then disallow them; if you don't feel auto-view in Outlook is necessary and that it may aid the spread of, say the Frethem J 'Re: Your password!' worm, then it's time to disable it. Don't leave things to chance, if you don't need attachments coming in, stop them, or at the very least ensure only the few personnel that require this facility have access to it. If downloading is not needed, stop it; if users shouldn't access their Hotmail accounts in work, use a policy management solution to disable their access through your system.
Now review your corporate anti-virus: is it up-to-date, easy to manage and does the developer provide fast answers to new and potentially dangerous exploits? If you are happy with the solution that's in place you're ready to progress to stage two. (If not, re-evaluate other AV solutions and find one that does what you want.) Now, enlist the help of a product (this may already be delivered within your policy management solution) that identifies files and folders, and their extensions, to enable you to set permissions on what can and cannot be run or opened on your network. Look at content checkers too. Content checkers and anti-virus, together with a security policy written in stone, will enable a far better grasp on security, raise your chances in your war against the virus writers and provide less risk of an infection affecting productivity. It's not that the technology to fight the battle is inadequate, but simply that the strategy on the battlefield has been ineffectual. Maybe our approach has been flawed, a little lackluster and too haphazard to really make a significant difference.
Layered security, like a well-structured army, can provide the protection to stop these loose cannons from firing. Strategic planning and careful deliberation, planning your defensive role and not yielding to the enemy, is the only way to win the war. The truth of the matter is this: we already have the capability not only to defend but to win time and time again. Unfortunately, our battle plan has been flawed and our troops may be tired and in need of some R and R, but with a little thought and a few well-chosen solutions to add to your frontline defenses, you are ready to meet the enemy, take them on and win!
Jayne Parkhouse is reviews editor for SC Magazine (www.scworld.com).