Virus and malware protection for small businesses

by Crucible Multimedia

So-called computer viruses are mini software programs which spread from computer to computer without the permission of the authorised computer administrator. They may be harmless pranks which can be easily disabled and removed, malicious attacks designed to damage or disrupt a particular system or data, sheer blind vandalism, or attempts to steal information which could be used commercially, politically or criminally. Particular types of viruses are also called ‘worms’, which after receipt by email work their way through a network using shared drives and files, and ‘trojans’ which hide inside other software applications.

Everyone with a computer should be concerned about viruses even if their computers are not connected to the telephone network or the Internet. For example, viruses can be introduced through infected floppy discs or CDs.

There are legal implications of sending a virus to customer, supplier or other contact. To have any defence against such a claim, and to get insurance cover, you must at least have put in place a policy and procedures which attempt to prevent these occurrences. Computer viruses can disable systems and destroy or steal data. The disruption or damage to a business could be considerable.

The solution is a series of measures, some managerial or administrative and some technical, designed to exclude viruses (as far as is possible) in the first place, but also to monitor and restrict unauthorised transactions, limit the damage and restore systems to pre-virus affected conditions if the worst happens.

Anyone who has access to the organisation's computers should be trained in IT security awareness, policy, regulations and procedures to the extent reasonably expected of their work activity.

The awareness training should explain the risks to the business of not following the policy, regulations and procedures, which only need to be outlined to the extent required by the individual.

The policy should cover who is authorised to do what with each computer terminal or network device.

The regulations should guide or prohibit those people with authorised access as to what are considered to be unacceptably risky practices.

These might include:

The procedures should detail the technical and administrative processes which need to be continuously in place or regularly carried out (and by whom) in order to check for and remove viruses, check for and restrict unauthorised activity, and back-up and restore data and system configurations.

Useful sources of information on viruses

PC Magazine has published a review of anti-virus software packages. Virus hoaxes can be almost as infectious - check out current virus hoaxes before you warn all the contacts in your address book.

Reviewed January 2011

last updated : 21/01/2011



See also our UK ICT Directory for supplier lists and links



search TelecomsAdvice

browse the index

A B C D E F G H I
J K L M N O P Q R
S T U V W X Y Z  

browse categories

UK ICT Directory

telecomsadvice blog

advertising sponsorship

help

site map

contact us