The best investment that anyone can make in malware defence is education. In fact, I would go as far as saying that any investment made in education on this subject will be repaid in software cost savings and productivity increases. Let me step back and clarify what I mean by malware and the potential costs to individuals and companies.
Malware is defined by Merriam-Webster Online as simply "software designed to interfere with a computer's normal functioning". While most people would immediately put a computer virus in this category, they may be unaware of other types of malware such as spyware, trojans, root kits, and even adware to name a few. Each of these types of software share the common trait of performing functions that the user of the computer does not benefit from and often does not know about. In some cases they are installed on purpose, but perform functions other than or beyond what the installer believes they do. In others they will be installed by deceiving the user or in some cases even without their knowledge. The effect of malware on a computer user or company can range from disruptive popup windows and web surfing habit collecting at the low end to theft of personal information and data or destruction of data at the high end. The cost of these events is difficult to estimate and would differ for each user and the severity of the infection. In most cases users have antivirus software and firewalls at a minimum and the value of these items are abolished with a single infection of any severity. The final cost is attributed to remediation. Stolen data and personal information can be very difficult to retrieve and typically involves changing bank accounts and credit cards. Lost data and corrupted operating systems can be retrieved and repaired in most cases by people with the right skills, but this is rarely an inexpensive endeavour.
So how can education help defend against this type of incursion? Developing safer computing habits and knowing the tricks that malware creators use to attack systems can help avoid exposure. Safe computing habits include not opening email from people you don't know and from whom you are not expecting mail. If you do open an email, but are not 100 percent sure of why you received it, don't click on any links in the email. Never send or post personal information of any kind in an email or on a web site. Remember that your bank will never phone or email to ask you for personal or account information. Don't visit web sites that you don't know or don't know to be legitimate. Try to stick to big brand name sites such as Microsoft, Google, Walmart, etc. Download and install all security related updates for your operating systems, firewalls and antivirus software. Install and regularly update a reputable antivirus software package.
Today I have listed some basic strategies that everyone should practice and in future posts I will drill deeper into different types of malware, explain how they attack computers and suggest strategies for defence. If you'd like to jump ahead and learn more there are some well produced videos available at Watchguard's web site: http://www.watchguard.com/education/videos.asp I would suggest starting with the security for beginners videos at the bottom of the page. Watchguard is a manufacturer of security products for computer networks.
Nov 26, 2009 at 1:40 AM I often read your blog and always find it very interesting. Thought it was about time i let you know…Keep up the great work
Sep 21, 2011 at 1:05 PM Thanks for a great post on a subject that affects all web surfers.