Hi All,
In Addition to the latest version of SEP installed with latest virus definition, the following practice is advised for avoiding spread of Virus/worms in network.
1. Disabling of the AutoPlay option in the Windows ( This will stop Virus from getting executed on insertion of the USB disks, CD , HDD etc which uses the Autoplay feature), nowadays we are seeing that with less user intervention the Virus is designed to autorun.
2.Make regular backups of critical data when data loss results from a virus infection or other security breach, users may be tempted to use compromised files to avoid losing work. Having current data backups available eliminates the need to try to restore data from possibly compromised or corrupted files.
3. Computers connected to the outside world should be properly protected from internet threats via firewalls. Laptops and remote home workers should be protected using host based firewall protection(SEP) as they might not be able to take advantage of a central firewall inside your business.
4. Turn off and remove unnecessary services. By default, many operating systems install auxiliary services that are not critical. These services are avenues of attack. If they are removed, threats have less avenues of attack.
5.Control on the Users Installing unwanted software/Application, this can be done by the Application blocking/System lockdown feature of SEP .
6. Targeted System Scans during the Day which is quick and scans the most vulnerable locations.
7.Scheduled System Scan once/twice in a week with latest virus definition pushed through SEP Manager.
8. Updating the Security Patches on regular basis, also visiting random PCs which has been updated with Security patches to verify the patch as sometimes remote patch installation fails.
9.Turn off file sharing if not needed. If file sharing is required, use ACLs and password protection to limit access. Disable anonymous access to shared folders/Drives. Grant access only to user accounts with strong passwords to folders that must be shared.
10. Take steps to reduce email threats, configure your email server to block or remove email that contains file attachments that are commonly used to spread viruses and other threats.
11.Last but not to be ignored is the User Awareness, which is the most important in preventing a Outbreak situation.
Make sure that users know the basics of safe computing, such as the following:
- Do not share passwords or store them in email or text files.
- Do not open unknown email attachments or email from unknown senders.
- Do not install or run software downloaded from the Internet unless it has been scanned for viruses.
- Laptop computer users: know how to use and update antivirus software. Scan the laptop computer for viruses before reconnecting to the network.
Regards,
Mansoor Rashid