Disease prevention

Opinion
Sep 15, 2003 (3 mins)
Enterprise Applications, Security, Viruses

* Avoiding viruses

This is part three of a three-part series looking at the various areas we need to be concerned about in protecting our networks. Last issue, we talked about maintaining the infrastructure, or patch management, security updates, and downloads. Today, our subject is “disease prevention” or dealing with viruses and their ilk.

Most viruses today are introduced as e-mail attachments, or as links within HTML-enabled e-mail (which, in a text-based e-mail client, are often rendered as attachments, so there’s little difference in how to handle them). If you’re fortunate enough to have a colleague who is the e-mail manager/administrator, then you probably think it’s their job to handle the e-mail-distributed viruses. It is, of course, but that doesn’t relieve you of the responsibility of protecting the servers and clients on your network. Should a virus escape from e-mail “captivity,” then it’s your problem once again.

Viruses are still spread the way they always have been – through software applications. The tricky part has always been how to get the unsuspecting user to execute the application that launches the virus. Outlook’s “user friendly” attributes also make it “virus friendly,” unfortunately. But security (and halting viruses is a security issue) and user friendliness have always been conflicting goals.

Microsoft has amassed a lot of good material to help you cope with viruses. A good place to start is at https://www.microsoft.com/technet/security/virus/ – although most of its links are information specific to a particular virus or worm. Nevertheless, reading about the Sobig virus and Code Red worm will give you some insights into best practices and designs to prevent future, similar attacks.

The bottom line for viruses, though, is simple: good anti-virus scanning tools. Constant scanning of incoming e-mail is a good place to start, but there should also be anti-virus scanning software installed (and running) on every computer in your network. It needs to be locked down so it’s always running and it needs to be hard to ignore or override. If you really need to know why, see this story (https://napps.nwfusion.com/compendium/archive/003362.html) from Adam Gaffin’s Compendium about the receptionist and the Sobig virus. Never underestimate the ability of your users to do damage to themselves and the systems they operate.