Workers create last
leaky line of defense against viruses
by Alan Zisman (c) 2003 First published in Business in Vancouver
#729, October 14-20 2003 High Tech Office column
to the regular
collection of spam email promising me larger body parts and/or better
performance, I’ve been getting barraged by emails purporting to be from
Microsoft including what is claimed to
be vital security patch. Though the messages look real, I know that
send out updates via email, and my antivirus software tells me that the
attached files carry the W32.Swen virus.
on the number of
virus-spreading messages I’ve received, though, I can only conclude
awful lot of people have fallen for the virus’s siren call.
not only individuals
who are falling prey to the viruses, worms, and assorted malware. In
variant of the Blaster worm shut down Air
Canada’s reservation network. In September, the US State
processing network was hit. And these are just some of the incidents
the most publicity.
the infection of a
large organization’s network makes the news, I get asked how could it
don’t they have firewalls and IT staff specifically to prevent this
thing? Typically, enterprises have focused on what’s been called a
Firewalls keep outside hackers away from the internal network. Software
incoming email for viruses, and in many cases for spam, all in an
keep dangers from getting into the network.
though, the weakness
is what happens inside the protected perimeter. Perhaps someone at work
onto their personal Web email account. This can let them receive an
attachment that would have been blocked if it was sent to the company’s
system. Swen, Blaster, and other recent infections can quickly spread
the network from a single infected computer.
way to bypass the
firewall is with notebooks. These may travel back and forth from work
or may be brought in by outsiders, perhaps consultants or sales people
to show a Powerpoint presentation. It’s all too easy to pick up an
outside, then by plugging into the company network, spread the
throughout the organization.
(VPN) connections between companies or remote access sessions between
working at home and the company network are other potential back doors
the perimeter defenses.
steps can be taken by
businesses to better protect themselves. As I discussed in Issue #726, firewall
software such as Zone
Alarm or Absolute
Firewall should be installed
on all notebooks that go back and forth between work and home.
software with up to date virus definitions are a must on all computers,
just on the network perimeter. And companies need clear policies on
access to home email accounts, and need to ensure that employees are
easy to assume that
security is the IT department’s responsibility. Many organizations that
downscaled or outsourced their IT staff have recently felt the pain
when no one
was available when the crunch came. And individual users need to take
responsibility for firewalls and up to date antivirus software on their
systems and notebooks, knowing that infections on these computers can
the company’s network as well.
IT manager with LSI Logic, noted: “You
may have nailed down the whole internal network and then one lone
individual gets the latest problem and spreads it… If employees don't
take the time, I can't help them. I've
been educating users as a part of my job but some simply don't care. But I'm the one who has to fix it when
there’s a problem.
patches is a
huge job. We don't always have the
resources to go to all the machines and patch them or to use tools to
things out. And then there's the time and network bandwidth involved,
you're trying to make products and generate a profit.”