Security wake-up call
Tim Landgrave
Published: 11 Feb 2003 10:46 GMT
The vast majority of corporate desktops use Microsoft Outlook or Outlook Express as an e-mail client, so it's only natural that virus authors choose to spread their venom using the features of these products against the users. If you're a corporate Outlook user, your IT staff needs an organized way to download and install the latest Outlook security patches from Microsoft. Microsoft provides the Windows Update service to allow individual machines to download the latest security and application patches directly. IT managers who don't want users downloading the patches directly have the option of installing a local copy of the Windows Update service and allowing users to get the patches from a local security server that includes the latest patches.
Your IT staff should especially be concerned about laptops
When users take laptops out of the office and connect them to the Internet, they do so without any of the firewall, virus-screening, or other protections built into your corporate infrastructure. I recommend that you configure laptops that communicate remotely to come through a VPN in the corporate network whenever they use Internet resources, even though the laptop may not perform as quickly if you do so. Without this protection, it's relatively simple for a user to pick up a virus or worm on the laptop when connecting remotely and then spread it through your corporate network when they connect locally.
Consider turning off all access to IM clients or newsgroups
Many companies have removed IM access, though I think the potential benefit of using instant messaging and newsgroups outweighs the risk as long as you advise your users not to accept attachments from strangers in online chat systems and to avoid downloading files from public newsgroups. Vendor newsgroups are a different matter, however, since vendors do a good job of policing their own news servers and keeping dangerous files from being posted.
Security is a full-time job
Most companies want the benefits of giving their customers, employees, and partners 24/7 access to systems by using the Internet as their communications backbone.
But one of the things most often overlooked by the CIOs who want this capability is the responsibility of policing systems and connections on a 24/7 basis. If you expect your IT managers to invest the time required to keep your systems safe and connected, you must be willing to invest the money and other resources to help them do so.
For a weekly round-up of the enterprise IT news, sign up for the
Enterpise newsletter.
Find out what's where in the new Tech Update with our
Guided Tour.
Tell us what you think in the
Enterprise Mailroom.
Previous
Did you find this article useful?
91 out of 168 people found this useful
Digg
Slashdot
Del.ici.ous
Stumble
Reddit
