Monday, April 4, 2011

Got Anti-Virus and a Firewall - think you're safe?

We haven't had a virus on a computer in our organization for years. We test and apply the latest security patches. Our Anti-Virus software is installed on every computer. Permissions are set to prevent users from doing anything damaging. Corporate policy states that users can't do the dangerous things that we don't want them to do. And the policies are enforced. Our staff are aware and constantly informed of the evils of software piracy, the dangers of viruses, and so on. They are also taught what to do if they find a breach of policy or detect a virus.

The good news is that our crew is probably better than most. We have a corporate atmosphere that fosters honesty, integrity, and a team atmosphere. The bad news is that a notebook computer was infected by a virus. It happened away from the corporate office and the computer was not connected to our networks. The user notified us immediately. They powered off the machine immediately. They didn't do a nice clean shutdown, they just powered it off. This was all good news for us as well. Our techies, found and cleaned the virus and that was the end of the incident. The virus never got any further.

As a manager, I had several questions and concerns. The big question was how did the virus get past our safeguards? The probability that the user was doing something they shouldn't was honestly the least of my concerns. Our anti-virus software was up-to-date and all safeguards were in place and functioning. I know that even the best anti-virus software can't catch everything. There are new viruses every day and variants of old ones designed to avoid detection. I understand this, but the virus we found was not new.

We did some digging and found the answer. As it turns out, the protection we have would have detected the virus if certain features were turned on. This was a surprise. Several features that you would expect to be on, are off by default! We reviewed all of the settings and made changes to harden the system even further.

We dodged a bullet this time, but hopefully others will benefit from our experience. You may have everything you need for excellent protection. Be sure to check your settings! You may need to turn on more features than you are currently using. It will take a bit of time and cost a bit. All necessary when you consider the alternative.

No comments:

Post a Comment

Your comments are welcome! There may be a slight delay before your comments are posted. To prevent spamming and abuse, all comments are reviewed. Thank you for your understanding.