Malware is a major threat to every organization here are some important preventative measures.
Editor's note: This is part otwo of a two part series. In part one entitled: Tech CEO on Preventing Ransomware and Other Malware Disasters covered Small business owners and IT executives must recognize that robust malware detection and prevention policies and procedures are multi-faceted and multi-layered – addressing applications, devices, infrastructure, networks, personnel, and systems.
There are five steps that organizations can take to minimize the risks of malware attacks.
They five steps are:
1. Ensure one is adequately protected and secured at all levels
2. Keep current with the software patches
3. Audit policies and processes and test backup and recovery
4. Perform proactive detection
5. Recover quickly and communicate the status
While adequate protection sounds easy, it can be quite complicated, as it needs to include processes, procedures and tools covering applications, databases, end-user and IoT devices, infrastructure, networks, and system components. It also means that the organization performs frequent backups of applications, data and systems and that these backups are secured and not connected to networks or systems that can be attacked.
In that there may be a delay period between the initial hack and the lock up of the systems, users should have multiple backups taken at different times in place so that the odds of recovery are increased.
Software vendors continually update their software to new versions and to fix bugs that keep cropping up.
Some flaws are critical, which means they are the most vulnerable to being used as points of attack. Users must install the latest versions (such as Microsoft Windows 10) and the patches as soon as they receive them.
However, this tends to not be the case for most organizations and especially users that are responsible for their own devices, such as BYOD laptops and smartphones.
It only takes one single point of entry for malware to gain access to a system and then contaminate the whole network. Thus, it is important to not be lackadaisical about keeping software current and patched.
Companies must audit
Companies must audit their policies and processes and assess their controls and frequency of controls at a minimum once yearly and after any significant attack.
The rate of technological change keeps increasing and enterprises need to ensure their risk exposure remains acceptable at all times. Part of that includes testing backup and recovery processes.
One needs to ensure it is possible to switch over to the backup software and/or systems successfully and can recover all necessary applications and data from a particular recovery point and time.
There are numerous software and SaaS solutions available that can be used to perform proactive detection against malware. It is also advisable that firms employ third parties to do penetration testing as a preventative measure.
While all these items can add up to an expensive security package, the alternatives can be much worse. The key is knowing what one's risk exposure is.
Next page: Recovering from a malware attack and Summary
About the author
Mr. Braunstein serves as Chairman/CEO and Executive Director of Research at the Robert Frances Group (RFG). In addition to his corporate role, he helps his clients wrestle with a range of business, management, regulatory, and technology issues.
He has deep and broad experience in business strategy management, business process management, enterprise systems architecture, financing, mission-critical systems, project and portfolio management, procurement, risk management, sustainability, and vendor management. Cal also chaired a Business Operational Risk Council whose membership consisted of a number of top global financial institutions.