Malware - stocking the medicine cupboard

22 November 2017

With cold and flu season upon us it seems pertinent to be talking about infections. Whether it’s avoiding the spluttering of the person next to you on the bus, or giving your red-nosed colleague some extra space, we all take precautions in an attempt to avoid the dreaded autumn cold.

Yet we all get colds. Despite our best efforts, there remains a fundamental issue with trying to control the uncontrollable – our environment and those interacting with it. Maybe we feel assured by having antibacterial gel at hand and a medicine cabinet stocked with Lemsip, but the truth is we can only remove a fraction of the risk.

No doubt you see where I'm going with this. Likening computer viruses to the ones we suffer is hardly breaking new ground - it's no accident that they're called the same thing - but it is striking to consider the traits they share. Much like biological viruses, polymorphic computer viruses are able to mutate to help avoid detection by a system's defences. Also like 'real' viruses, the most infectious attacks are usually those for which systems have no defence: those exploiting zero-day or other unpatched vulnerabilities.

Polymorphic viruses and zero-day exploits present particular headaches in the enterprise. Anti-virus software, which at its core usually tries to match suspect files against known malware signatures, can't block threats it doesn't know about. It works like a flu vaccination: you're protected against strains known to be in circulation, but you're still vulnerable to new ones. In IT, the effectiveness of anti-virus depends on how often its signatures are updated, and on whether it's smart enough to spot variations of a known virus, or virus-like behaviour.

Managing risk

We can't live or work in a bubble, and doing business means communicating and sharing data with people and partners outside of the organisation. It means opening yourself up to risk, and with it the near certainty that at some point your first line of defence will be breached. What happens then depends on many things, not least your network design, the intelligence and speed of your anti-virus and security systems, and the quality of your disaster-recovery and backup solutions.

At Ideal, we're experts at mitigating the risks organisations face from threats such as malware, malicious actors, and plain old human error. We've years of experience in best-practice network design, and through partnerships with industry leaders such as Cisco and Palo Alto Networks, we can provide next-generation firewall, endpoint protection and disaster-recovery solutions. And perhaps most importantly, we have the expertise to audit and advise on security measures and disaster-recovery strategies, including often-overlooked aspects such as staff training.

You can't remove all risks, but with multiple protections and controls you can manage them. If you want to talk about security in your organisation, give us a call.

Image: kanonn/Flickr, Creative Commons