SmartAdvice: Update Software And Train Users To Help Stop Plague Of E-Mail Viruses
Up-to-date antivirus software is important to stop spam and malicious software, but user training is just as critical, The Advisory Council says. Also, don't let Oracle's bid for PeopleSoft scare you off, and the time for considering voice over IP is getting nearer as large vendors invest in the technology.
Editor's Note: Welcome to SmartAdvice, a weekly column by The Advisory Council (TAC), an advisory service firm. The feature answers three questions of core interest to you, ranging from career advice to enterprise strategies to how to deal with vendors. Submit questions directly to firstname.lastname@example.org
Question A: The flood of E-mail viruses and spam is getting worse every week. What are the best solutions?
Our advice: Although E-mail viruses and worms (malicious software) and spam (unsolicited commercial E-mail) have much in common, the tools used to fight them are different.
Stopping viruses and worms requires "defense in depth":
Server antivirus software;
PC antivirus software;
Up-to-date software patches; and
From a security perspective, it's better that your server antivirus software and PC antivirus software be from different vendors, so that you're protected as soon as one of them releases the signature for a new virus. From an administrative perspective, however, the antivirus software vendors have made it easier to use the same vendor for both. Whether you have one vendor or two, antivirus software is only effective if the virus signatures are kept up-to-date. It's likewise essential that your operating system and E-mail software be kept up-to-date with the latest security patches. New viruses often make use of recently discovered security flaws.
The most critical component of antivirus defense, and the most difficult to implement, is end-user training about the dangers of malicious E-mail "social engineering," described by the notorious hacker Kevin Mitnick as "hacking people." Recent viruses use a variety of tricks to entice users into opening the zipped attachments that contain the virus. Because E-mail viruses forge the "from" address with a name found on the same infected computer where the recipient's address is found, the advice of "don't open E-mail attachments from people you don't know" isn't sufficient (and many users ignore even that advice). Users should be trained to think of opening E-mail attachments as being like meeting someone in a dark alley--one must be really sure it's safe before doing it.
Spam is a more subtle and difficult problem. In a less litigious society, businesses might view spam as "merely" a waste of time and resources. Since much spam is of a sexual nature, however, a business which ignores the spam problem may find itself sued for sexual harassment (its failure to act creating a hostile workplace). The solution to that aspect of the spam problem is server- or network-based spam filtering. Spam filtering brings its own problem, however, that of "false positives." A false positive is a legitimate message which gets filtered-out as spam. At a previous employer, one of our customers had a name which happened to be on the spam filter's blacklist. By the time the customer phoned his salesperson to complain about the lack of response to his E-mail, he was so angry that we were lucky to retain him.
The two most promising solutions to spam are, unfortunately, not quite reality. One of the problems with spam is that it is "in the eye of the beholder." There are mailings I want to receive that others would consider spam, and vice versa. The solution to this is PC-based Bayesian filtering, in which the spam filter learns from experience what I personally consider spam. Bayesian technology is just beginning to appear in products. The long-term solution (if any is possible) will probably be a caller ID for E-mail scheme which uses new Internet protocols (yet to be standardized) to identify the true sender of each E-mail message, eliminating the forged from-addresses used by spammers.
[Interop ITX 2017] State Of DevOps ReportThe DevOps movement brings application development and infrastructure operations together to increase efficiency and deploy applications more quickly. But embracing DevOps means making significant cultural, organizational, and technological changes. This research report will examine how and why IT organizations are adopting DevOps methodologies, the effects on their staff and processes, and the tools they are utilizing for the best results.
IT Strategies to Conquer the CloudChances are your organization is adopting cloud computing in one way or another -- or in multiple ways. Understanding the skills you need and how cloud affects IT operations and networking will help you adapt.