How to Protect Against Malware? (Part IV)

What is malware?

Malware, or malicious software, is an umbrella term that describes any malicious program, code, or software written with the intent of damaging devices, stealing data, and generally causing a mess.

What was covered in Parts I, II, and III?

In Part I (Read Part I) we answered, How do I get malware?

In Part II (Read Part II) we discussed different types of malware.

In Part III (Read Part III) we discussed detecting or knowing if I have a malware infection.

Part IV details various ways you can protect against malware.

How can I start protecting against malware?

Straight to the point, here are a few areas to start with:

• Get a good anti-malware program. It should include layered protection (ability to scan and detect malware such as adware and spyware while maintaining proactive real-time defense that blocks threats such as ransomware).
• Prevent malicious apps from threatening networks. Organizations can do this by creating strong mobile security policies and deploying mobile security solutions that enforce those policies across multiple operating systems.
• Include remediation capabilities. Security programs should correct any system changes from malware they clean so everything goes back to normal.
• Use quality cybersecurity and antivirus tools first, before an incident. This applies across PC, mobile, and enterprise networks.

How can businesses protect against malware?

Considering the tremendous cost associated with malware attacks, and the current rise of ransomware and banking trojans in particular, here are practical tips to protect your business:

• Implement network segmentation. Spreading data across smaller subnetworks reduces attack surface.
• Contain breaches faster. Segmentation can limit impact to a few endpoints instead of the entire infrastructure.
• Enforce principle of least privilege (PoLP). Give users only the access needed to perform their jobs.
• Back up all data. Cover all endpoints and network shares.
• Ensure backup restore readiness. Archived data lets you wipe infected systems and restore quickly.
• Educate end users to spot malspam.
• Get proactive about endpoint protection.
• Be careful where you browse.
• Avoid clicking pop-up ads while browsing the internet.
• Be wary of unsolicited emails and attachments from unknown senders.
• When handling attachments, avoid executing executable files and enabling macros on Office files.

What should users do when in doubt?

When in doubt, reach out. Train end users to inquire further if suspicious emails appear to come from a trusted source. One quick phone call or email can go a long way toward avoiding malware.