Part 3 – Protecting your organisation from Malware

Malware is an abbreviation from ‘malicious software’ and is used to describe any software or web content that can cause harm to your organisation.

Here are six tips to help you protect yourself from the effects of malware:

• Install (and turn on) antivirus software
• Only download apps from a trustworthy source
• Keep all your IT equipment up to date (patching)
• Control the use of USB drives and memory cards
• Switch on your firewall
• Harden your infrastructure

Install (and turn on) antivirus software

You should use antivirus software on all computers and laptops. Antivirus software is often included as standard in popular OS. You just need click ‘enable’.

When it comes to Smartphones and tablets proper configuration of devices should be sufficient and additional antivirus solutions might not be necessary.

Windows comes with its own build in anti-malware solution. It is the Windows Defender. Properly configured can be a good help in keeping your PC safe.

Only download apps from a trustworthy source

Apps from manufacturer approved stores such as Google Play or App Store are checked against malware. Third party apps from unknown sources might not be checked for malicious code and contain such. Make your staff aware of this.

Keep all your IT equipment up to date (patching)

Ensure that the software and firmware on all your tablets, smartphones, laptops, and PCs is up to date with the latest versions from software developers, hardware suppliers and vendors. Whenever possible set your devices to ‘automatically update’ as running the most up to date software is one of the most important things you can do to improve your security.

Control the use of USB drives and memory cards

UISB drives and memory cards can be a vector for malware infestation.

To reduce this risk, apply the following:

• Block access to physical ports for most users
• Use antivirus tools to scan plugged in USB sticks and memory cards
• Allow only approved drives and cards to be used within your organisation – and nowhere else

You can encourage staff to use alternative ways to share files such as via email or through the Cloud.

Switch on your firewall

Most common operating system come with a build in firewall function. You just must switch it on.

Harden your infrastructure

A common error in the use of IT infrastructure – both hardware and software – is the use of it without proper configuration. It is not uncommon for infrastructure components to be added to existing equipment and leaving the default manufacturers settings. This can lead to improper functioning of these and other devices in best case. In worst case scenario, lack of proper configuration can leave the system vulnerable to attack.

Center for Internet Security is a great repository of hardening manuals for various components of IT infrastructure – OSs, databases, browsers, network devices and more. You can access it following this link.

What’s next?

The next article will cover the topic of keeping your smartphones and tablets safe.

Do you require help with protecting your organisation from Malware?

If you have any questions or require help in connection with securing and protecting your organisation from malicious activities, you are welcome to contact us for advice.

Our services cover such areas as Critical Infrastructure Protection, Cloud Services Security or Audits, and Threat Intelligence. For a full list of our services visit our services page – https://seqred.pl/en/services/

Stay safe rather than sorry!

About this guide

The idea for this guide is based on the Cyber Security Guide for Small Business published by NCSC in November 2018. You can access the guide here. To access the repository of Center for Internet Security click here

Powiązane wpisy

Dodaj komentarz