Describe the best practice to employ to mitigate malware effects on a machine.
- Students are required to post one original response to the discussion questions each week, as well as a response to one classmate. Original responses should not be a word for word rehashing of what is stated in the readings, but rather an integration of the concepts and additional insights, either from real world experience or additional sources. It should be a 250 word response to the question. Your primary posting may end with a tag-line or a related question of your own. Your secondary posting is a response to one classmate’s post. Each answer/response should be supported with research. Responses to classmates should not be “I agree” or “I like the way you stated that.” These responses should again be insightful, offering an opinion or facts based on your research and experiences. The response to one classmate should be a minimum of 125 words. See APA criteria for citing resources. You must provide a minimum of a reference, in APA format, in your original response. Include references and no plagiarism. Send the files separately as one is discussion of 250 words with references and two replies each of 125 words.
Reply to topic 1:-
What is the best practice to employ to mitigate malware effects on a machine?
The following are some of the practices that could be deployed to mitigate effects of malware on a machine:
Plan: As one plans to deal with malware in the business process, it is essential for one to have an intensive understanding of the potential dangers applicable to various processing systems. It may involve activities such as looking on possible disease vectors that one may be experiencing.
Identification: It is essential that the potential sources of malware are detected and cataloged so that one can be in a better place to make a possible follow-up. Identification is also key in determining the overall state of the malware attack on a certain machine.
Eradication: This practice is quite essential in mitigating the effects of malware attacks in that the infected part of a machine can be removed and reconstructed in a manner that does not allow any form of malware attack in the near future.
Resilience: This is quite essential in ensuring that the malware attacks on a business do not have a lasting effect on the business operations. Business should ensure that they have detection techniques that would prevent any form of attack in the near future.
Limit the use of network shares (mapped drives):
Since virus attacks love to spread in terms of organized drives, there is a need to close mapped drives in a business unless there is a strong necessity to do so. Permission should be granted in terms of read-only but not on the read-write basis. This would play a crucial role in ensuring that possible malware is minimized from attacking the systems.
Protect smartphones and other mobile devices
Recent research has shown that portable devices are more prone to malware attacks. Firms which develop this form of devices need to come up with systems which can help firms in securing the devices which are used within the organization setting. Portable gadgets have a high possibility of bringing malware infections on unprotected PCs (“Creating A Security Baseline by using Security Templates,” 2011).
Reply to topic 2:-
Author Musthaler (2011) states that according to the RSA Cybercrime Trends Report, the majority of malware products are not targeting corporate networks rather than consumer devices. The contributing factors, she notes, are attributed to the increased mobility in employee devices and the advent of social sites along with IT that has become increasingly user driven. The exposure to malware might have adverse effects on a corporate network that include but are not limited to access to sensitive information and data breaches (Musthaler, 2011).
Below is a checklist that could act as best practices that could be followed for a sustainable security policy and aid in preventing malware attacks on corporate networks (Musthaler, 2011). These policies also need fine tuning and intense customization to fit the needs of the organization (Musthaler, 2011).
1. Patch Browser Plug-in: In the event of attacks being migrated to browsers, security plugins that can avoid threat largely originating from Acrobat or Flash vulnerabilities can be effectively combated. It is highly recommended that these plugins are kept up to date. Turning on Auto update is also strongly advised.
2. Peer-to-peer usage: malware distribution has transitioned to P2P mode. Blocking P2P at the gateway or the desktop level is recommended. Implementing a stringent no P2P policy would improve threat handling when company’s devices are subjected to home usage. Blocking P2P at the gateway is recommended rather than at the desktop level.
3. Switch off AutoRun: Otherwise known as autoplay, these applications are downloaded and played instantly thereby inheriting privileges that were granted a long time ago and not monitored regularly. Turning them off would reduce the risk of unwanted applications installed on the system.
4. Enable Enhanced Security in Adobe: Most applications can also be embedded in PDFs. Regularly updating Adobe and other PDF viewers will create a tapping mechanism that prevents executables inside a PDF.
5. Network Shares and Mapped Disks: network shared devices and mapped hard disks should be viewed as a potential weak point where a threat could arise. Implementing read-only wherever necessary rather than read-write would also aid in curbing threats.
6. Mail Security and Gateway blocking: updating and implementing a mail security solution could go a long way in curbing malware threats arising from Web 2.0 contents. Gateways should frequently be updated to block suspicious IP and continuously monitor to update hackers’ identity.
7. Security content distribution schedule: IPS performs daily to weekly releases of antivirus signatures. Making the most of this through automatic patching is advised.
8. Other tools more effective than antivirus: an Intrusion Prevention System from reputed vendors such as Symantec Endpoint Protection (Musthaler, 2011) would reduce the risk of web based threats that trivial antiviruses fail to circumvent.
9. Customize Tool defaults: Adapting to the business needs of the company would include monitoring the tools and enhancing their performance through customization and changing defaults.
10. Educate Self and Users: Most malware threats and other network breaches are performed through social and reverse social engineering. Hence, a system that keeps all the employees prepared is one of the cornerstones of best practice implementation. Users should be educated on using only trusted sources, not updating flash and codec from video sharing websites, P2P applications and clicking on spam URLs found in malicious emails.
The best practices can have transcending capabilities once higher management gets involved in taking security seriously (Malhotra, 2015). The best way to handle security threats and risks is to have a holistic approach and converge multiple horizontals in an organization such as Corporate Risk Management, Cyber Risk Management and Enterprise Risk Management. Greater alignment can be obtained by going beyond trivial risk assessment models to implementing risk insurance models. Cyber Risk Insurance (CRI) models are gaining traction in the Finance and Healthcare sectors where malware threats can have devastating effects. The best way to deal with this is by addressing the human factor in the security link. If the underlying ERM systems integrate people, process and technology, malware attacks can be efficiently handled, mitigated and managed in the long term (Malhotra, 2015).