Mar 13, 2012 21:57
I spent a lovely day today at a virus remediation seminar. It really was a lovely day -- I just spent it indoors, learning about malware vectors and registry exploits, rootkit scanners and encryption extortion.
Frankly, it's something I normally only dip my toe into now and again, but I took this opportunity to get caught up with best practices and learn what happens and why with the latest viruses, trojans, and botnets. I wasn't disappointed. Along with my new-found understanding of the registry, I have a handful of new tools and techniques to attack the malware that seems to be plaguing my office. The whole experience really spoke to my inner geek.
I am, however, way more paranoid than I was only yesterday. This is probably a Good Thing.
The best thing that came out of it was the realization that it's really easy to prevent most infections and otherwise escape infection without major expense. Here's a summary of malware protection "best practices":
1) Keep regular backup images of operating disks and multiple automated backups of all data.
-- Seriously. The danger of losing expensive applications and valuable data is extreme: any or all of it can be corrupted, encrypted, or destroyed with very little effort on the attacker's part. There is no fallback position better than a recent disk image, versioned copies of your data kept on media that is disconnected between backups (so that malware on the machine cannot reach them too), and a record of the license keys you will need to reinstall.
2) Keep everything up to date all the time.
-- Because so many malware vectors depend on outdated versions of the operating system or of helper programs such as Flash, Java, and the browser itself, there simply is no better method of virus prevention than keeping up with updates. Run the update utilities regularly, and turn on automatic updates wherever they are offered.
3) Don't wait for symptoms to appear: run in-depth malware scans regularly from an alternate operating system.
-- Malware writers don't want their victims to notice the infection. Real-time protection is valuable, but it runs inside the same operating system as the malware, where a rootkit can hide its files and processes from the scanner. Booting a clean operating system from rescue media (a CD or USB stick) and scanning the disk from there sidesteps that, which is why such a scan can find what the resident scanner misses. Most modern antivirus packages include a rescue-disk feature for exactly this purpose.
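As an added example (not from the original post, and not a tool recommended at the seminar), here is a small POSIX shell script that implements the data half of point 1: it writes a dated tar archive of a directory, stores a SHA-256 checksum beside it, re-reads the archive to catch truncated writes, and keeps only the newest N copies. It assumes tar and the GNU coreutils sha256sum are available; the directory paths and the function names are placeholders I chose for the illustration. Imaging the operating-system disk is a separate job and is not covered here.

```shell
#!/bin/sh
# Added example: dated, checksummed data backup with retention.
# Not from the original post. Assumes POSIX sh, tar and sha256sum
# (GNU coreutils); all paths are placeholders chosen by the caller.
set -u

# make_backup SRC DEST KEEP
# Writes DEST/backup-<UTC stamp>[-n].tar.gz from the contents of SRC,
# stores a SHA-256 checksum next to it, re-reads the archive to catch
# truncated or partial writes, then deletes all but the newest KEEP
# archives. Prints the path of the new archive on success.
make_backup() {
    src=$1; dest=$2; keep=$3
    mkdir -p "$dest" || return 1
    stamp=$(date -u +%Y%m%dT%H%M%SZ)
    name="backup-$stamp.tar.gz"
    n=0
    # several runs within one second must not overwrite each other
    while [ -e "$dest/$name" ]; do
        n=$((n + 1))
        name="backup-$stamp-$n.tar.gz"
    done
    tar -czf "$dest/$name" -C "$src" . || return 1
    # checksum recorded relative to DEST so it verifies from any cwd
    ( cd "$dest" && sha256sum "$name" > "$name.sha256" ) || return 1
    # a backup that cannot be read back is not a backup
    tar -tzf "$dest/$name" >/dev/null || return 1
    # retention: newest first, drop everything past position KEEP
    ls -1t "$dest"/backup-*.tar.gz | tail -n +"$((keep + 1))" |
    while IFS= read -r old; do
        rm -f "$old" "$old.sha256"
    done
    printf '%s\n' "$dest/$name"
}

# verify_backup ARCHIVE
# Returns 0 only if the stored checksum still matches and the archive
# still lists cleanly; fails on bit rot, tampering or truncation.
verify_backup() {
    archive=$1
    dir=$(dirname "$archive"); base=$(basename "$archive")
    ( cd "$dir" && sha256sum -c --status "$base.sha256" ) || return 1
    tar -tzf "$archive" >/dev/null
}

# count_backups DEST -> number of archives currently retained
count_backups() {
    ls -1 "$1"/backup-*.tar.gz 2>/dev/null | wc -l | tr -d ' '
}

# Typical use from cron, then copy DEST to a drive that is unplugged
# between runs so malware on the host cannot reach the copies:
#   make_backup /home/alice/Documents /mnt/backup/docs 7
```

The verification step matters more than it looks: a backup job that silently produces a zero-byte or half-written archive every night is indistinguishable from a working one until the day you need it, which is exactly the day an extortion trojan picks for you.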
shop talk