Security Best Practices – Part 3 – Educate the User

Thursday, March 24th, 2011

This is the last post in our Security Best Practices series. We shared tips on protecting your network and protecting your workstations. Now you need to educate your users so they join you in day-to-day security best practices.

Introduce an anti-virus policy – Produce a policy for safe computing and distribute it to all staff. Make sure every employee has read and understood the policy, and that they know who to speak to if they have any questions.

Such a policy could include:
• A ban on downloading executables and documents directly from the Internet.
• A ban on running unsolicited executables/documents/spreadsheets within the organization.
• A ban on playing computer games or using screensavers which did not come with the operating system.
• An IT checking and approval system for executables that arrive via email from the outside world.

It could also ask staff to do the following:
• Save all Word documents as RTF (Rich Text Format) files as DOC files can harbor macro viruses.
• Treat with suspicion any newly arrived email that they weren’t expecting.
• Forward any virus warnings or hoaxes directly to IT (and no one else) to confirm whether they are genuine or not.
• Inform IT immediately if they think their computer has been infected with a virus.

We hope you’ve picked up some useful tips. If you have others, add them in a comment! We’d love to hear.

Share 'Security Best Practices – Part 3 – Educate the User' on Delicious Share 'Security Best Practices – Part 3 – Educate the User' on Digg Share 'Security Best Practices – Part 3 – Educate the User' on Facebook Share 'Security Best Practices – Part 3 – Educate the User' on Google+ Share 'Security Best Practices – Part 3 – Educate the User' on LinkedIn Share 'Security Best Practices – Part 3 – Educate the User' on Pinterest Share 'Security Best Practices – Part 3 – Educate the User' on reddit Share 'Security Best Practices – Part 3 – Educate the User' on StumbleUpon Share 'Security Best Practices – Part 3 – Educate the User' on Twitter Share 'Security Best Practices – Part 3 – Educate the User' on Add to Bookmarks Share 'Security Best Practices – Part 3 – Educate the User' on Email Share 'Security Best Practices – Part 3 – Educate the User' on Print Friendly

Tags: ,
Posted in antivirus | No Comments »

Security Best Practices – Part 2 – Protect the Workstation

Monday, March 21st, 2011

Continuing our 3-part series on security best practices, this time we offer some tips for protecting the workstation.

Stay up-to-date with software patches – Many software vendors issue advisories on security issues. For instance, Microsoft runs a mailing list that warns of security loopholes and issues found in Microsoft’s software and advises on patches that are available for protection. Customers should subscribe to such mailing lists, and act upon the advisories as appropriate. Software vendors release security updates and patches to address vulnerabilities and exploits and most have functionality to automatically update their products.  ALL software and machines on the network should be configured to take advantage of this functionality and update frequently. 

NOTE: Adobe Flash Player, Adobe Acrobat Reader and Internet browser patches are especially important to keep up to date.

Back up your data regularly – Make regular backups of important work and data and check that the backups were successful. For disaster recovery, you’ll want to maintain up-to-date images of “classes” of user workstations (i.e., staff PC, student PC).

Disable Autorun on removable mass storage devices – One of the biggest infection sources on the network is removable mass storage devices (thumb drives, memory sticks, external hard drives).  Many devices, when connected to a USB port, will be automatically detected and mounted as a drive. USB ports can also allow devices to autorun any software connected to it. This is such a big problem for which Microsoft has released a security patch (http://support.microsoft.com/kb/971029) that blocks autorun on drives other than CD or DVD. Most users are unaware that even the safest and most trusted devices can potentially introduce malware into the network. To prevent any accidents, it is much safer to disable all unused ports.

Install virus scanner on ALL workstations and servers – Not only is it imperative that all workstations and servers on the network have security software installed, but that software also needs to be the most current released version and all definition databases must be kept up to date.  This is another place where automatic update features must be used and monitored to ensure updates are occurring properly. 

It is also important to only have one antivirus product “Active” on a machine at one time.  IF you feel you need multiple levels of defense, we recommend you break it up between Servers and Workstations and not put two products on the same machine.

Catch up on Security Best Practices Part 1: Protect the Network.

And stay tuned for Part 3: Educate the User!

If you have your own tips, please add them in the comments!

Share 'Security Best Practices – Part 2 – Protect the Workstation' on Delicious Share 'Security Best Practices – Part 2 – Protect the Workstation' on Digg Share 'Security Best Practices – Part 2 – Protect the Workstation' on Facebook Share 'Security Best Practices – Part 2 – Protect the Workstation' on Google+ Share 'Security Best Practices – Part 2 – Protect the Workstation' on LinkedIn Share 'Security Best Practices – Part 2 – Protect the Workstation' on Pinterest Share 'Security Best Practices – Part 2 – Protect the Workstation' on reddit Share 'Security Best Practices – Part 2 – Protect the Workstation' on StumbleUpon Share 'Security Best Practices – Part 2 – Protect the Workstation' on Twitter Share 'Security Best Practices – Part 2 – Protect the Workstation' on Add to Bookmarks Share 'Security Best Practices – Part 2 – Protect the Workstation' on Email Share 'Security Best Practices – Part 2 – Protect the Workstation' on Print Friendly

Tags: , ,
Posted in antivirus | 1 Comment »

Security Best Practices – Part 1 – Protect the Network

Friday, March 18th, 2011

In evaluating customer sites, we’ve found some common issues that compromise network security and can open up a network to a virus outbreak.  We’ve compiled these school network security best practices to help you protect your network.

Part 1: Protect the Network

Use strong administrator account passwords – The bad guys are smart.  They are very good at taking advantage of weak passwords like “admin,” “password,” “1111111” and most of the other easy-to-remember passwords that users and admins come up with–Conficker has a list of hundreds of the more commonly used passwords.  Use a combination of upper- and lower-case letters, numbers and symbols for better protection.

Audit network shares – A lot of malware can spread via networks when there is little or no security on network shares. Remove unnecessary shares and secure the others and their contents with access restrictions and strong passwords to limit network-aware malware from spreading.

Define correct user rights for tasks – To increase security, ensure that your users have the appropriate privilege level for the task at hand, and minimize the number of users that have administrator usernames and passwords.

Secure Servers- Do not use servers for accessing the internet for websurfing, social networking, email or other unsecure activities.  These activities, often conducted with administrator accounts, allow malware to compromise the server and gain unrestricted access to the internal network.

Take advantage of the content filter- Some web sites present a high risk for malware attacks, so your content filter is a powerful weapon in protecting the network.  Still, some of these risky sites are in normally unblocked categories. As a result, when you initially block these categories you can expect an increase in user complaints as users can no longer get to their favorite sites.  By proper use of the Blocked for Review process, these complaints will be swiftly addressed (generally within one hour during normal business hours) and the increased security and availability of your network will be worth it in the long run. 

 The categories you should SERIOUSLY consider blocking with the Lightspeed Web Filter are:

ads.javascript-ads
audio-video
computers.filehosting
expired
forums.p2p
forums.social_networking
gambling
games
general
parked
security
security.hacking
security.phishing
security.potentially_unwanted_applications
security.proxy
security.spyware
security.virus
security.warez
suspicious.script
world
world.cn
world.de
world.es
world.fr
world.it
world.jp
world.kr
world.nl
world.pl
world.pt
world.ru

Your Lightspeed solution also allows you options to:

  • Block non-HTTP traffic to blocked IP addresses
  • Block non-HTTP traffic to unknown IP addresses
  • Block unknown URLs and to block links to executable file extensions at sites that are in blocked categories. 

These are all strong protections against malware attacks.

Stay tuned for Part 2: Protect the Workstation and Part 3: Educate the User!

Share 'Security Best Practices – Part 1 – Protect the Network' on Delicious Share 'Security Best Practices – Part 1 – Protect the Network' on Digg Share 'Security Best Practices – Part 1 – Protect the Network' on Facebook Share 'Security Best Practices – Part 1 – Protect the Network' on Google+ Share 'Security Best Practices – Part 1 – Protect the Network' on LinkedIn Share 'Security Best Practices – Part 1 – Protect the Network' on Pinterest Share 'Security Best Practices – Part 1 – Protect the Network' on reddit Share 'Security Best Practices – Part 1 – Protect the Network' on StumbleUpon Share 'Security Best Practices – Part 1 – Protect the Network' on Twitter Share 'Security Best Practices – Part 1 – Protect the Network' on Add to Bookmarks Share 'Security Best Practices – Part 1 – Protect the Network' on Email Share 'Security Best Practices – Part 1 – Protect the Network' on Print Friendly

Tags: , , ,
Posted in antivirus | 5 Comments »