A strategy that keeps gaining ground is the concept of “white listing” applications. In plain English, this means your computers have a list of programs that are on the “approved” list to run, such as Word, Firefox, Acrobat, Excel, etc.

Then, any other program cannot run. Period. That means virus 1, virus 2, virus 999, etc. is not allowed to run. This solves the whole problem of needing anti-virus. In theory, even if a virus does come into your network through e-mail, web site drive by download, or Ernie in shipping carrying in an infected memory stick, it doesn’t matter. The virus cannot run anyway!

The challenge lies in your IT department being able to keep an organized white list of “approved” programs. When an update to a program arrives, the new update has to be listed too or it will not run.

Many providers are offering solutions including Bit9 Parity and Lumension Application Control and there are constant advancements in making administration even easier.

Yes, some day anti-virus may be old news and never used again.

While that strategy may help some, it is far from being a reliable way to protect your network. First of all, without performing some technical detective work, it is hard for a non-IT professional to tell who the e-mail came from anyway. You may get an e-mail from a cybercriminal who uses “spoofing” to make the e-mail message appear that it is coming from your best friend, bank, the FTC, or anyone else.

Better protection comes from scanning tools running at one or more locations including your e-mail server, your firewall, your spam filter, and the anti-virus client on your local machine.

Training users “not to open e-mail from strangers” is a moot point if your user is supposed to open e-mail messages from prospects interested in your company’s products and/or services.  There is some training that matters though…

Train your users to NEVER click on a link in an e-mail message. The link may say to the user, “click here to read an important announcement about your future employment at this company” and the link underneath may take the user to, “hose the network now dot com.”

Also train the users to never send out any private information in an e-mail message or attachment. The message can be misaddressed, intercepted or forwarded to the wrong person. If something is private, it needs to be encrypted using an effective encryption method. In another blog entry I addressed data loss prevention tools that can even help identify these messages and stop them before they leave your organization.

If your executives or other users use the strategy of “not opening mail from someone they don’t know,” that is a red flag alerting you to a problem you can resolve ASAP.

The virus goes by the name of Conficker and it is also known as Downadup (and also Downup and Kido).  My advice remains the same as always: be concerned about a really bad virus every single day of your life. If you are following IT security best practices, then there is nothing more to do in preparation for April 1.

Still, I was amazed during the Y2K bug nine years ago how many executives decided, “ok, let’s go ahead and take appropriate IT steps since there is a deadline.” If your organization has been postponing some of the simple IT security basics, maybe Conficker’s “bright side” is that you’ll do what needs to be done.

Click here to view the embedded video.

Details of some of the steps to take include:

• Make sure all your critical Microsoft and Apple patches are installed. Organizations should use a centralized patch management tool. For short instructional videos for home users click here for Macintosh: http://www.fosterinstitute.com/blog/update-your-mac.html and here for Windows: http://www.fosterinstitute.com/blog/update-your-pc.html
• Make sure other applications are patched.
  See http://www.fosterinstitute.com/blog/useful-utility.html#more-149
• Make sure your anti-virus program is using the current version of the program, has the latest signature files, and is performing scheduled scans of all your computers. More information here
  http://www.fosterinstitute.com/blog/daily-it-checkup.html#more-23
• Continue your practice of having a good backup at least once a day
• Use excellent firewalls and Web Content Filtering tools http://www.fosterinstitute.com/blog/block-sites.html#more-144
• Have regular IT Audits – See www.KeepMyNetworkSafe.com and http://www.fosterinstitute.com/blog/easy-it-audit.html#more-96 for more information
• Educate your users so they help protect your organization’s reputation http://www.fosterinstitute.com/blog/easy-it-audit.html#more-96

Even if the economy is having a negative effect on your business, protecting yourself is very economical. The expensive part is suffering the monetary loss from downtime, lawsuits, and loss of your company’s reputation.

Protect yourself today – and every day!

If you have never tried the scans at www.secunia.com you may want to. There is a simple online version of the scan and also more in depth scans you can purchase. One of the most useful parts of the program is that it shows you where to find patches and updates that your system needs to be fully functional.

When Secunia scans your computer, it will look at many applications other than Microsoft. If any of your applications are out of date, it will show you how to fix your system.

The tool helped me track down problems on a new laptop I was building recently. In addition to helping me find patches for applications, it helped me identify that I had multiple copies of tools installed. The multiple copies were causing other problems on my new machine including the dreaded blue screen of death.

Really the only concern is that a cybercriminal could redirect you to put the wrong patches on your system potentially causing an infection. If you trust the professionals at Secunia, they can help you avoid being redirected to the “wrong” site for your patches.  I found the tool so useful I want you to know about it as well to see if you like it too.

As always, check with your IT professionals to get their approval, and maybe even assistance, and you may find Secunia fixes some bugs you always wondered how to resolve.  At the very least, it can potentially make your system more secure.

That’s why you need to secure your the individual workstations as well as the network. And whether you have three computers or 300, you need to have everyone on a domain model, not workgroup model, with a dedicated server. That will give you a central management point so you can take care of all the machines automatically.

Also realize that your company’s computer network is only as strong as its weakest link. Often I hear in companies that the CEO won’t let anyone from IT touch his or her computer. But if all the other computers in the network are up to date except the CEO’s, your company is still vulnerable. So you have to make sure everyone’s computer, even the CEO’s, is protected.

This is why it is so critical that you understand the importance of securing your network as well as individual workstations, and visa versa. When your IT professional says they want to make your computer safe, let them — that’s what they get paid to do!

What are your thoughts on this topic?