10 Tips for Keeping Malware Off Your Enterprise Computers

10 Tips for Keeping Malware Off Your Enterprise Computers

Cyberattacks and malware have become an increasingly prevalent threat to businesses in the last few years, and the effects they have on businesses can be devastating. Keeping critical IT assets safe from cybercriminals is difficult, but it can be done. Below are 10 tips to help enterprises keep malware and other threats off of their computers:

1) Employ a reliable anti-virus solution
Many computer users, and even business IT professionals, have fallen for advertisements promising them reliable cybersecurity protection with a free anti-virus program. Sometimes free anti-virus solutions just fail to offer quality protection from malware and other types of cyber attacks, but other times free anti-virus programs can actually contain malware themselves. Using a reliable anti-virus solution from a reputable, business-grade software vendor is the only way to truly protect against malware and other cyber threats. Professional anti-virus solutions update continuously throughout the day can protect against a greater array of vulnerabilities, including rootkits and spyware.

2) Keep anti-malware programs updated
The threats that put critical IT assets at risk are always changing. To stay ahead of the game, anti-virus and anti-spyware tools need to be updated regularly. Without critical updates to signatures and databases, the security tools won’t know what the latest malware strains are and will fail to protect PCs from malicious software. To ensure your solution is up to date, prevent your program’s license from expiring so you will continue receiving updates, as well as protection from the most recent threats.

3) Be careful what you click on
Everyone has probably heard this advice by now: Don’t click on links or attachments in emails from people you don’t know. And yet, people continue to do so. Cybercriminals have gotten so good at using social engineering techniques that they are able to make it look as though a legitimate company or trusted friend has sent you a message when in reality the link to an important business update or latest vacation pictures actually sends you to a malicious website that downloads malware on your device. Obviously some links need to be clicked on, and an easy way to share those links is through email. To determine which ones are safe to visit, users should look at the source code before clicking and then manually navigate to the site in question using a new browser window.

4) Implement hardware-based firewalls
A reliable firewall is one of the most critical pieces of cybersecurity protection an enterprise can have, as it defends IT assets from a wide variety of exploits. Software-based firewalls, like the one included within Windows programs, aren’t sufficient enough to protect systems from the increasingly strong cyberattacks they are subjected to on a daily basis, however. Because of this, users should secure all PCs connected to the Internet behind a hardware-based firewall instead.

5) Use DNS protection
Browsing the Internet introduces computer systems to a multitude of security risks, including drive-by installations, malicious Trojan files and infected attachments. One of the most troubling types of threats is the poisoned DNS attack, in which a compromised DNS server directs users to unauthorized Web servers in order to install malware on victims’ computers. To protect against all of these types of attacks, users should change the way their computers process DNS services. IT administrators can make changes and organizations like OpenDNS offer free services to protect against common Web-based threats that prey on compromised DNS.

Computer users need to stay sharp and be aware of cyber threats when browsing the Web.

Computer users need to stay sharp and be aware of cyber threats when browsing the Web.

6) Disable autorun features
One of the most common ways viruses gain access to computer networks is by attaching themselves to a drive and automatically installing themselves to any other connect media on the same system. As a result, using any device that connects externally, such a USB drive or external hard disk, can result in automatically propagating malicious software. To protect against such a scenario, users should disable Windows’ autorun feature and make it so any installation must be manually approved.

7) Be smarter about how you browse the Web
Now that cybercriminals have started using tactics that work directly within a browser or by creating malicious pop-ups or undetected navigation, many business-class anti-malware programs have started to include browser plug-ins that enable users to protect themselves against drive-by installations, phishing attacks and other serious exploits. Others even offer link protection, in which Web links are cross-referenced against databases of known malicious pages. All computer users should turn on these preventative browsing features whenever possible. Even when such protections are enabled, users should never enter critical account or financial information into a Web page to which they haven’t manually arrived.

8) Don’t run programs downloaded from an unknown source/without a digital signature
By now most computer users are so used to system alerts popping up on their screens that they click OK on just about anything. But taking a few seconds to read what you’re clicking on may make the difference between a normal day and compromising an entire workstation. Files that don’t contain a signature or that popped up out of nowhere should always be considered malicious. Any time an alert asks if you want to run or install something, run it through an anti-virus scan first just to be safe.

9) Use common sense while online
Things that appear too good to be true often are, and this rule is especially true when it comes to the Internet. Anyone can publish anything they want on the Internet, and Web pages asking you to fill out a quick survey before winning gift cards or other prizes are almost always a scam created to steal personal information, install malware or worse. Implementing a pop-up blocker is a good way to reduce instances in which these types of websites might appear, but organizations should also educate their employees on the dangers of sharing personal information online. This is one of the only reliable protections against human error.

10) Deploy a Deep Freeze solution from Faronics
For businesses looking for a reliable way to defend against the damage that can be caused by sophisticated cyber threats, deploying a Deep Freeze solution from Faronics is a very reliable strategy. Deep Freeze offers a unique reboot to restore feature that returns systems to the way they were before a malware infected the workstation, wiping any unwanted files off of the computer and restoring everything to predetermined settings. Deep Freeze allows IT administrators to reboot systems to the last recorded setting and preserve the integrity of workstations while getting rid of harmful programs.

About The Author

Kate Beckham

Kate has been lighting up the blogosphere for over 5 years, with a keen interest in social media and new malware threats. When not sitting at a café behind her Mac, you’ll usually find her scouring the racks for vintage finds or playing guitar.

Sign Up For A 30-Day Trial


Deep Freeze Enterprise

Centralized deployment and management as well as a host of configuration options for the Enterprise.

  • This field is for validation purposes and should be left unchanged.

Ready to find out more about Faronics? Let us know how to reach you.

We're here to help you in any way possible.