CTO Tech Blog

The best investment that anyone can make in malware defence is education.  In fact, I would go as far as saying that any investment made in education on this subject will be repaid in software cost savings and productivity increases.  Let me step back and clarify what I mean by malware and the potential costs to individuals and companies.

Malware is defined by Merriam-Webster Online as simply "software designed to interfere with a computer's normal functioning".  While most people would immediately put a computer virus in this category, they may be unaware of other types of malware such as spyware, trojans, root kits, and even adware to name a few.  Each of these types of software share the common trait of performing functions that the user of the computer does not benefit from and often does not know about.  In some cases they are installed on purpose, but perform functions other than or beyond what the installer believes they do.  In others they will be installed by deceiving the user or in some cases even without their knowledge.  The effect of malware on a computer user or company can range from disruptive popup windows and web surfing habit collecting at the low end to theft of personal information and data or destruction of data at the high end.  The cost of these events is difficult to estimate and would differ for each user and the severity of the infection.  In most cases users have antivirus software and firewalls at a minimum and the value of these items are abolished with a single infection of any severity.  The final cost is attributed to remediation.  Stolen data and personal information can be very difficult to retrieve and typically involves changing bank accounts and credit cards.  Lost data and corrupted operating systems can be retrieved and repaired in most cases by people with the right skills, but this is rarely an inexpensive endeavour.

So how can education help defend against this type of incursion?  Developing safer computing habits and knowing the tricks that malware creators use to attack systems can help avoid exposure.  Safe computing habits include not opening email from people you don't know and from whom you are not expecting mail.  If you do open an email, but are not 100 percent sure of why you received it, don't click on any links in the email.  Never send or post personal information of any kind in an email or on a web site.  Remember that your bank will never phone or email to ask you for personal or account information.  Don't visit web sites that you don't know or don't know to be legitimate.  Try to stick to big brand name sites such as Microsoft, Google, Walmart, etc.  Download and install all security related updates for your operating systems, firewalls and antivirus software.  Install and regularly update a reputable antivirus software package. 

Today I have listed some basic strategies that everyone should practice and in future posts I will drill deeper into different types of malware, explain how they attack computers and suggest strategies for defence.  If you'd like to jump ahead and learn more there are some well produced videos available at Watchguard's web site: http://www.watchguard.com/education/videos.asp  I would suggest starting with the security for beginners videos at the bottom of the page.  Watchguard is a manufacturer of security products for computer networks. 

As the Chief Technical Officer at Basic Business Systems, one of my responsibilities is to share my knowledge and experience with our technical staff.  It was a short leap of imagination that led me to starting this blog as a means to do so as well as adding the ability to share with clients, partners, friends, and other interested parties.  For the benefit anyone who doesn't know me (or any who know me, but don't really know my background), I currently have over 25 years experience designing, maintaining, and deploying computer systems and computer networks.  Like many in this industry I am somewhat of a generalist but of late I have focused on networking (the transfer of data between systems) and virtualization (more to come on that in a later post). I am proud to say that I have been employed at Basic Business Systems for just over 20 years and have been a partner for the past 13.  Basic is celebrating 30 years in business this year and continues to evolve with our many long term clients.  We have a strong and responsive technical team and our focus as a company is to provide IT services that help our clients succeed in business.

My main goal for this blog is to incite thought among my readers regarding safe computing, data security, cost saving strategies for businesses, and introduce new technologies.  I hope to do all of this in a somewhat non-technical mannor and encourage comments and feedback.  If there is a new technology or trend you'd like to see discussed, or if you'd like to share your opinion about any of my posts you are encouraged to click the comments link or email me directly at gsiverns@basicbusiness.com.  I am not here to sell you products and offer my experience without any expectations in return.  That said, I am in business to provide technical services and welcome any opportunity to engage with potential clients.

Look for posts weekly on this site and please share the link with friends and collegues so that they can subscribe.  Next week I will be launching my first technical post with an introduction to virus and malware defence strategies.