As well as keeping your anti-virus software or firewalls up to date there are other ways in which you can reduce the
chances of
virus infection or hacking incidents inside your company
Below we list some of the guidelines you might like to consider for safer computing. This advisory is edited based on
information from various security
and Antivirus companies include Sophos, NAV etc.
Have a strict policy in your organisation that downloading executables and documents from the net is unacceptable,
and that anything that runs in your organisation has to be virus-checked and approved first. Unsolicited
executables/documents/spreadsheets etc. should not be run inside any organisation. If you don't know that something is
virus-free assume it isn't. Ideally, staff should not be allowed to have anything they don't actually need. However,
you might want to consider providing a selection of games/screen savers for staff to use which have been
virus-checked.
Block any unwanted file types at the email gateway. Viruses often use file types such as VBS, SHS, EXE, SCR, CHM
and BAT to spread. It is unlikely that your organisation will ever need to receive files of these types from the
outside. If this is the case we recommend blocking all of them at the email gateway - whether they are virus infected
or not.
Some viruses attempt to disguise their true executable nature by using "double extensions". Files such as
LOVE-LETTER-FOR-YOU.TXT.VBS or ANNAKOURNIKOVA.JPG.VBS may appear to be harmless graphic or ASCII text files at first
glance at the file name. We recommend blocking any file which has "double extensions" from entering an
organisation.
Hoax virus warnings and chain letter emails can be as disruptive as viruses themselves. Aside from spreading
misinformation and wasting staff time and resources, it can be very embarrassing for your organisation if an employee
forwards these to contacts or customers. A firm hoax policy such as this should be put in place:
"You shall not forward any virus warnings of any kind to anyone other than (insert name of the department or staff
member who looks after anti-virus issues). It doesn't matter if the virus warnings have come from an anti-virus vendor
or been confirmed by any large computer company or your best friend. All virus warnings should be sent to
(insert name), and (insert name) alone. It is (insert name)'s job to send round all virus warnings, and a virus
warning that
comes from any other source should be ignored."
.
If you don't need Windows Scripting Host, turn it off.
Change the CMOS bootup sequence so that rather than booting from drive A: if you leave a floppy in your machine,
you boot by default from drive C: instead. This should stop all pure boot sector viruses from infecting you. Should
you need to boot from a floppy disk the CMOS can easily be switched back.
Make regular backups of important work and data, and check that the backups were successful.
Keep an eye on Microsoft's security bulletins . These warn of new security
loopholes and issues with Microsoft's software.
Produce a set of guidelines and policies for safe computing and distribute them amongst staff. Make sure that
every employee has read and understood them and that if they do have any questions they know who to speak to.
Use Rich Text Format instead of DOC files which can harbour viruses. You can automatically save all of your Word
documents as RTF by selecting Tools|Options|Save and choosing Rich Text Format as the default format from the drop
down menu.
Do not run, download or forward any unsolicited executables, documents, spreadsheets, etc. Anything that runs on
your PC should be virus checked and approved first.
Any email you weren't expecting should be treated with suspicion, even if it comes from someone you know. It is
worth calling whoever sent it to you to check that they intended to send you the email.
Do not open any files with a double file extension, (e.g. iamavirus.txt.vbs). Under normal circumstances you
should never need to receive or use these.
Do not download executables or documents from the internet. These are often used to spread computer viruses.
Although JPG, GIF and MP3 files cannot be infected with a virus, viruses can be disguised as these file types.
Jokes, pictures, graphics, screensavers and movie files should be treated with the same amount of suspicion as other
file types.
If in doubt, always ask your IT department for advice, do not open the file or email.
If you think you have been infected with a virus inform your IT department immediately. Do not panic or interrupt
other users.
Any virus warnings should be sent to the IT department who can confirm whether or not it is genuine. Do not
forward these warnings to anyone else; unless you are signed up to an official virus alert service it is unlikely to
be a genuine warning.
If you have to work at home ensure that you follow the same procedures there as you do at work. Viruses can easily
be brought into an organisation along with work that has been done on a home PC.
Do not leave password lists to your server lying around on the table.
Do not use simple passwords or easy to remember passwords. These could include your birthdate, vehicle no, home
phone no etc.
Ensure each and every PC has a personal firewall installed.
Ensure that you close your browser whenever an e-commerce transaction has taken place.
Ensure that you clear your browser cache whenever an e-commerce transaction has taken place.
Do not allow the use of IRC facilities for your staff. If you must have a chat system, install an internal chat
system.
Anti-virus software will prevent the vast majority of viruses from entering an organisation but it is not fool-proof.
It is your responsibility to ensure that you don't get infected with a computer virus.
If you want to live in the internet world, then you will have to be aware of the risks and threats involved and
mitigate your risks. It is not your fault that you got hacked. But it is your responsibility to make sure you make it
as tough as possible. If you do not want to get hacked, then do not use the internet or put your web site on the
internet.
ABOUT US
