- 03 Jan
How to Prevent Malware
Malware (short for “malicious software”) is the catch-all term encompassing all the unwanted software that can invade your programs, files, and networks. There are many types of malware – viruses, trojans, spyware, worms, ransomware, and RATs (remote access tools) are some of the most common.
Malware prevention calls for a tiered approach. No single tool can protect your network and users from all of these threats. But if these tools are deployed in combination, you can place a robust barrier between yourself and the malicious hackers who would infiltrate your system for fun or profit.
Here are the types of automated tools that make up a comprehensive, tiered anti-malware solution:
1. Network firewall – A firewall with advanced security features, also referred to as an “edge device,” is located between the Internet and your network. The appliance not only screens for malware at this gateway but inspects web use and other network activity for exploits and hacking attempts. At Analytics, we use the gateway firewall products from SonicWall® and offer Security Protection as a Service (SPaaS) for this first layer of defense.
2. Anti-virus software – These programs are installed at the user level on each device. They fill an important security gap because a firewall can’t protect users from malware in documents and emails that find their way onto a device through outside channels – such as through internal networks or on USB drives. We use the anti-virus software products from Trend Micro®.
3. E-mail security gateway. The third tier of protection focuses on e-mails – scanning them for problems before they reach the mail server and the user’s inbox. At Analytics, we use email screening solutions from Barracuda®.
The final tier of protection relates to user practices. Employees can be the weak link in any system, so be sure to offer continual education and reminders around these cautionary points:
1. Be very suspicious of unexpected emails from sources you don’t normally deal with. Not all of these ploys are as obvious as a plea for money from a Nigerian prince! In other words, if you didn’t ship a package, don’t open an email telling you about the status of your shipment!
2. When you receive an email that’s spam or a threat, be sure to tell your IT service provider about it so they can research how it reached you and block it from reaching others.
3. Don’t rely on free malware protection software. You get what you pay for.
4. Don’t rely on the home-use versions of malware protection software. Their reports on intrusion attempts and other threats will go only to you, and you may not know where to find them. And if someone or something disables your software, you may never know. Always use enterprise-level products in a business setting so an administrator can monitor those potential vulnerabilities.
5. Make sure your networks are configured properly. For example, if firewalls are not set up correctly you could be exposing your network.
Work with an experienced IT Managed Service Provider (MSP) who can support you on all of these levels. The days are long gone when business owners could “dabble” in IT and figure these things out for themselves. A misstep in your IT security could have disastrous consequences. You’re a pro in your business space; bring in an IT pro to handle your IT security. Let Analytics be your IT pro!
Let’s have a conversation today. We’re just a phone call or email away. Contact us!
About the Author