Sunday, January 24, 2010

How can LAN/System administrators protect their corporate networks against viruses and malicious code?
LAN/System administrators should install anti-virus software or malicious code detection and repair software on all servers and workstations, and configure the updating of virus signatures and malicious code definitions to be automatic, preferably on a daily basis. If automatic updating is not possible, manual updates should be conducted at least once a week.
The following should also be considered:
On the network side:
- Install anti-virus and content filtering gateways to scan all incoming and outgoing traffic. The gateway should stop messages or files with malicious content, quarantine / drop them, and create audit logs for reference.
- Regularly review and apply the latest security patches/hot-fixes from product vendors to the network operating systems and gateway devices.
- Apply the same security protection measures to both production systems and the development / testing systems.
- Perform full system scans on all computers before connecting them into your networks.
- Perform full system scans after every installation of a new machine, service maintenance and installation of new software.
On the server side:
- Always boot from the primary hard drive. If the server must be booted from removable storage media (such as USB drives, USB hard drives, CD, DVD), the removable media must first be scanned for malicious code.
- Regularly review and apply the latest security patches/hot-fixes from product vendors to operating systems and application programs.
- Enforce access controls to protect the server. For example, directories containing applications should be set to 'read only'. The 'Write' and 'Modify' access rights should be granted on a need-to-have basis only.
- Use document management solutions when sharing documents so as to minimize any potential propagation of infected files in an uncontrolled manner.
- Scan all newly installed software before it is released for general use.
- Schedule regular full-system scans.
- Perform regular data backups.
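One way to check the 'read only' rule for application directories on a Windows server, as an added example that is not part of the original post. The function name `Get-WritableAce`, the list of broad principals (English account names) and the scratch directory are assumptions made for illustration.

```powershell
# Added example: list Allow ACEs that give broad groups write-type access
# to an application directory. Names below are illustrative assumptions.
function Get-WritableAce {
    param(
        [Parameter(Mandatory)] [string[]] $Path,
        [string[]] $BroadPrincipal = @('Everyone', 'BUILTIN\Users',
                                       'NT AUTHORITY\Authenticated Users')
    )
    $fsr = [System.Security.AccessControl.FileSystemRights]
    # 'Modify' also contains read/execute bits, so test only the bits that
    # allow changing content, deleting, or rewriting the ACL itself.
    $writeBits = [int]($fsr::Write -bor $fsr::Delete -bor
                       $fsr::DeleteSubdirectoriesAndFiles -bor
                       $fsr::ChangePermissions -bor $fsr::TakeOwnership)
    # Some ACEs carry raw generic rights instead of file-specific ones:
    # GENERIC_WRITE (0x40000000) and GENERIC_ALL (0x10000000).
    $genericBits = 0x50000000

    foreach ($dir in $Path) {
        foreach ($ace in (Get-Acl -LiteralPath $dir).Access) {
            if ($ace.AccessControlType -ne 'Allow') { continue }
            if ($BroadPrincipal -notcontains $ace.IdentityReference.Value) { continue }
            $rights = [int]$ace.FileSystemRights
            if (($rights -band $writeBits) -or ($rights -band $genericBits)) {
                [pscustomobject]@{
                    Path      = $dir
                    Principal = $ace.IdentityReference.Value
                    Rights    = $ace.FileSystemRights
                    Inherited = $ace.IsInherited   # inherited: fix the parent
                }
            }
        }
    }
}

# Constructed demo: a scratch directory with a deliberately loose ACE.
$demo = New-Item -ItemType Directory -Force -Path (Join-Path $env:TEMP "acl-demo-$PID")
$acl  = Get-Acl -LiteralPath $demo.FullName
$rule = New-Object System.Security.AccessControl.FileSystemAccessRule(
            'Everyone', 'Modify', 'ContainerInherit,ObjectInherit', 'None', 'Allow')
$acl.AddAccessRule($rule)
Set-Acl -LiteralPath $demo.FullName -AclObject $acl

Get-WritableAce -Path $demo.FullName | Format-Table -AutoSize
Remove-Item -LiteralPath $demo.FullName -Recurse -Force
```

Any row it returns is a grant to review against the need-to-have rule; an inherited entry has to be corrected on the parent directory rather than on the folder itself.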
In addition, administrators should keep abreast of the latest security advisories by, for example, subscribing to online security notifications and advisories. They should quickly disseminate critical and major computer virus alerts to all end-users, educate users about the impact of massive malicious code attacks, and ensure users follow best practices to protect their workstations against computer viruses and malicious code.
