Tips to keep Business Computers Free of Infection
Work computers are at risk due to four main vectors - viruses, spyware/malware, web/email fraud, and hacker intrusions. Not to mention slowing work productivity due to email spam.
All forms of infections can severely limit or stop business productivity while at work, requiring a computer technician to repair the problems. Further damage can result in credit card or identity theft, and lost company information.
While most small companies have anti-virus protection, they are usually lacking in protection against other forms of infection. While a virus might sneak through undetected, there are a host of other problems that can occur. Phishing scam emails might lead the employee to a rogue website to enter in credit card information, or download a trojan that opens a a trap-door to send back data to a rogue computer over the internet. Spyware/malware can blast the computer with annoying popup ads, programs, and potentially halt, limit functionality, and/or severely slow the computer to unproductive levels. A compromised PC can also be a target for "Zombies" which are controlled by an outside hacker to perform rogue activities.
While all this sounds scary, most can be easily alleviated by simple employee education. The number one reason for infection in the first place, is due to employee's mis-use of the business computer. Education increases awareness, and knowledge of such problems can help prevent infections. Prevention is the key to keeping the computer free of problems.
It should be clear that no single anti-virus program should be expected to catch it all. While it probably is not required to purchase mulitple anti-virus programs, it does make sense to educate your employees to help prevent infection in the first place.
Spyware/malware is nearly as bad as viruses today, and the anti-virus program does not address the spyware/malware infection. These types of infections can bring the computer to an unusable state, and therefore limit or stop productivity. Businesses are kidding themselves when they only protect against viruses, they are only protecting themselves against one avenue of attack, unless they also purchase and install a good anti-spyware program.
There are many appealing personal things for the employee to use the company computer - entertaining their kids, listening to music, playing games online, or enhancing their desktop with new wallpaper or smilies/stationary for their email. In addition, employees sometimes like to "experiment" or play with the computer settings which can also lead to problems. Employee's should be instructed to not use the computer for anything but assigned work or approved websites. If they are using a search engine for work, it should be very clear what they are looking for. Businesses may allow the employees to visit their online personal mail, or news websites, etc, but that should be decided upon by the Employer.
The result of this personal activity on the computer can lead to unwanted infections that can cripple the business computer, and possibility of compromising company data.
The point is you can and should install good programs to address viruses, spyware/malware and spam, but even with all this protection, the real source of the infections come from employee's personal use of the company computer. Downloading and installing programs that do not pertain to work, or opening emails that contain hidden programs, or visiting websites that might install trojans that could steal important data on the computer should be strictly out of scope for employee conduct with the computer.
The best medicine for all of it is to train your employees on the following:
1. Do not open emails OR attachments that are suspicious. Suspicious means not knowing the source of the email or the reason for the attachment. For example, if the email is from EBay/PayPal/bank asking for account information it is a FRAUD. If the email has an attachment such as "info.zip" or "happy.zip" (example) then don't open it. What clues to employees have ? I would have them ask themselves these questions before clicking on an email:
A: Do I know who sent this ?
B: Do I understand what the email is about and/or the attachment ?
If the answer is "I don't know" or just not sure, then don't open it, have a knowledgable person take a second look and/or direct your anti-virus scanner to scan your mail.
2. Visit websites that only pertain to business being done. While it might be ok to visit Yahoo mail or MSN News, but it would not be ok to visit strange websites that could potentially download Trojan viruses or spyware. Online games and file sharing programs are an absolute no-no at work.
3. Employees should not install any program that is not pertainent to business being done. Downloading and Installing programs for music, kids visiting the office, or other non-business activities should not be allowed, unless approved by management. The reason is it could compromise the stability of the work computer, which might disrupt business and require repair. This also includes wallpaper, smilies for email, and free email programs like "Incredimail".
While this sounds a bit harsh, the computer at work is for business, and in almost ALL cases the reason for infections are because of non-work related activities.