Welcome to the WEI Tech Exchange Blog

What Enterprises Need to Know About Malware

Written by Michael Thweatt | Aug 16, 2016 12:45:00 PM

Surely you’ve seen rampant news reports of malware breaches and incidents of cyber hacking at enterprises around the world. From hospital hackings to financial services heists, digital criminal activity is a very real threat in today’s business climate. Read on for the details your enterprise needs to know about malware, in addition to three tips to protect your organization.

What is Malware?

Malware is any type of software that is used to disrupt regular computer operations; it stands for Malicious Software. Malware is defined by the creator’s malicious intent, rather than physical features; it is commonly employed by cyber hackers aiming to take control of an operating system remotely and wreck some sort of havoc, whether it be the stealing or corruption of files, or to breach other components of the network environment.

This is especially dangerous for enterprises, since they generally run multiple computers on the same network; a breach in security at one computer via the introduction of malware could mean compromising the security of all other computers at the business, especially if network segmentation is absent or not set up correctly.

While malware is a catch-all term for malicious software, it can come in many different shapes and forms. According to The Antivirus Store, malware can take the following forms:

  • Spyware
  • Viruses
  • Worms
  • Crimeware
  • Trojan Horses
  • Adware
  • Rootkits
  • Spam
  • Botnet
  • Phishing
  • Phishing
  • Mobile Threats

 

3 Tips for Avoiding Malware

  1. Don’t Open Suspicious Email Attachments

    Many browsers have default settings where files are downloaded as soon as they clicked or opened; this can be dangerous if the file is a piece of malware. Educate your entire team frequently on the importance of only downloading and running trusted files; all it takes is one mistake for malware to infiltrate your network.

  2. Use a Trusted Antivirus Program

    There are lots of options for home or small network antivirus programs, but these choices generally aren't comprehensive or powerful enough to protect the enterprise. According to Tech Republic, the best antivirus defenses are centrally managed and controlled internally. Here are their five recommendations:

    1. Avast! Endpoint Protection Suite: With two unique offerings for endpoint security management, Avast!'s basic endpoint protection program provides file server protection, remote management and endpoint protection. Its second offering adds anti-spam email server protection and a software firewall.
    2. F-Secure Business Suite: Enterprise-ready, this tool provides the same basic protections. According to Tech Republic, "F-Secure boasts a small footprint on the endpoint while still offering browsing protection, anti-malware, rootkit detection, IPS, and email and web filtering."
    3. Panda AdminSecure for Enterprise: In addition to basic functions, Panda AdminSecure for Enterprise offers a self-diagnosis function that allows network admins to run tests and monitor the health of the network in real time.
    4. GFI VIPRE Antivirus Business: This enterprise-ready antivirus option extends the Windows malware protection features to include Mac, iOS and Android devices.
    5. Webroot SecureAnywhere Business - Endpoint Protection: This option is not for on-premise management; it is a cloud-based solution only. However, Webroot gives administrators a quick overview of the network and helps monitor threats.
  3. Hold Cybersecurity Awareness Training

    It’s a good idea to hold training sessions for not only general employees, but at the executive level as well, at least every six months. Boardroom topics of discussion should include:

    • Cybersecurity while traveling overseas
    • Avoiding risks associated with blackmail or threats
    • Managing online profiles
    • Appropriate social media behavior

    General training should cover tips for avoiding/identifying all potential threats on a day-to-day basis, including:

    • Creating strong passwords
    • How to identify spam or malicious emails
    • How to respond and communicate a potential cybersecurity issue
    • Best practices for working remotely

     

If you’re interested in beefing up your company’s security and identifying vulnerabilities, sign up for our security and threat prevention assessment.