Software // Enterprise Applications
Commentary
3/10/2004
11:29 PM
Commentary
Commentary
Commentary
Connect Directly
RSS
E-Mail
50%
50%

SmartAdvice: Update Software And Train Users To Help Stop Plague Of E-Mail Viruses

Up-to-date antivirus software is important to stop spam and malicious software, but user training is just as critical, The Advisory Council says. Also, don't let Oracle's bid for PeopleSoft scare you off, and the time for considering voice over IP is getting nearer as large vendors invest in the technology.

Editor's Note: Welcome to SmartAdvice, a weekly column by The Advisory Council (TAC), an advisory service firm. The feature answers three questions of core interest to you, ranging from career advice to enterprise strategies to how to deal with vendors. Submit questions directly to smartadvice@tacadvisory.com


Question A: The flood of E-mail viruses and spam is getting worse every week. What are the best solutions?

Our advice: Although E-mail viruses and worms (malicious software) and spam (unsolicited commercial E-mail) have much in common, the tools used to fight them are different.

Stopping viruses and worms requires "defense in depth":

  • Server antivirus software;
  • PC antivirus software;
  • Up-to-date software patches; and
  • End-user training.

From a security perspective, it's better that your server antivirus software and PC antivirus software be from different vendors, so that you're protected as soon as one of them releases the signature for a new virus. From an administrative perspective, however, the antivirus software vendors have made it easier to use the same vendor for both. Whether you have one vendor or two, antivirus software is only effective if the virus signatures are kept up-to-date. It's likewise essential that your operating system and E-mail software be kept up-to-date with the latest security patches. New viruses often make use of recently discovered security flaws.

The most critical component of antivirus defense, and the most difficult to implement, is end-user training about the dangers of malicious E-mail "social engineering," described by the notorious hacker Kevin Mitnick as "hacking people." Recent viruses use a variety of tricks to entice users into opening the zipped attachments that contain the virus. Because E-mail viruses forge the "from" address with a name found on the same infected computer where the recipient's address is found, the advice of "don't open E-mail attachments from people you don't know" isn't sufficient (and many users ignore even that advice). Users should be trained to think of opening E-mail attachments as being like meeting someone in a dark alley--one must be really sure it's safe before doing it.


Related Links

Antivirus Suites: Doing the Safety Dance

Enterprise Spam Tools: Several Approaches, Including Some That Work

SpamBayes

Microsoft Pushes Anti-Spam Scheme Using Authentication

Spam is a more subtle and difficult problem. In a less litigious society, businesses might view spam as "merely" a waste of time and resources. Since much spam is of a sexual nature, however, a business which ignores the spam problem may find itself sued for sexual harassment (its failure to act creating a hostile workplace). The solution to that aspect of the spam problem is server- or network-based spam filtering. Spam filtering brings its own problem, however, that of "false positives." A false positive is a legitimate message which gets filtered-out as spam. At a previous employer, one of our customers had a name which happened to be on the spam filter's blacklist. By the time the customer phoned his salesperson to complain about the lack of response to his E-mail, he was so angry that we were lucky to retain him.

The two most promising solutions to spam are, unfortunately, not quite reality. One of the problems with spam is that it is "in the eye of the beholder." There are mailings I want to receive that others would consider spam, and vice versa. The solution to this is PC-based Bayesian filtering, in which the spam filter learns from experience what I personally consider spam. Bayesian technology is just beginning to appear in products. The long-term solution (if any is possible) will probably be a caller ID for E-mail scheme which uses new Internet protocols (yet to be standardized) to identify the true sender of each E-mail message, eliminating the forged from-addresses used by spammers.

--Peter Schay

Previous
1 of 2
Next
Comment  | 
Print  | 
More Insights
Building A Mobile Business Mindset
Building A Mobile Business Mindset
Among 688 respondents, 46% have deployed mobile apps, with an additional 24% planning to in the next year. Soon all apps will look like mobile apps and it's past time for those with no plans to get cracking.
Register for InformationWeek Newsletters
White Papers
Current Issue
InformationWeek Tech Digest - July 22, 2014
Sophisticated attacks demand real-time risk management and continuous monitoring. Here's how federal agencies are meeting that challenge.
Flash Poll
Video
Slideshows
Twitter Feed
InformationWeek Radio
Live Streaming Video
Everything You've Been Told About Mobility Is Wrong
Attend this video symposium with Sean Wisdom, Global Director of Mobility Solutions, and learn about how you can harness powerful new products to mobilize your business potential.