Security Basics mailing list archives

RE: RES: Best practices for preventing malware in a small business environment?


From: Alex Bolante <alexander.bolante () yahoo com>
Date: Tue, 14 Jun 2011 13:48:06 -0700

To pile onto what Rafael stated, which I agree with, focus on:

People
Process
Technology

CIO/CISOs are spending $$$ on people -- awareness, education and training this year.

Processes are not only having to be up to par with regulatory compliance, but also industry standards in order to 
reduce risks.  So less manual, more automated where needed/practical.

And technology should not only drive down security costs, but also enable your business i.e., increase your security 
posture.

Take a holistic, pragmatic approach.  Start there.

Cheers,
Alex

-----Original Message-----
From: Rafael.Pandini
Sent: Tuesday, June 14, 2011 12:48 PM
To: synja () synfulvisions com; larrywidmyer () yahoo com; security-basics () securityfocus com
Subject: RES: Best practices for preventing malware in a small business environment?

Hi list,

IMHO technology isn't enough to protect the users and the network; a combination of technology and educated users 
will help you to "implement" a more reliable protection. But always remember that a secure system/network is a utopia 
and there is no patch for human minds.

On the technology side, you can implement:
 - Anti-virus, a good one!
 - Some proxy rules to restrict users from accessing some sites (better is to permit only allowed sites).
 - Some solution to keep users' OS/Office/browsers/java/flash/anti-virus updated. Believe me, users are really lazy; 
even if the update process is only clicking a button with the text "Yes, update now" they won't do it. The update must be 
automatic or it won't work.

On the user side, what you need is simple: just education.
 - Train the users about security.
   - There are different kinds of users: some prefer numbers, others facts, others "abstract ideas". You must win the 
attention of all of them.
     - Show cases of hacking and the results of the attacks. Talk about Sony, how many credit cards were stolen, some 
company that had its website defaced, etc...
     - Show numbers, say things like "Will our customers still believe in us even if our whole database is exposed 
online?" (marketing guys really fear this phrase!)
   - Unfortunately security is the market of fear; if the users don't fear an attack, it doesn't matter how many times you 
say "don't open all .exe files that you receive by e-mail", they will still do it.
   - Alert about common attacks, talking in USER language.
 - Every three months (or whenever you think it is time), refresh the topic in the users' minds.
 - Monitor the proxy and anti-virus logs to know your company's health.
 - If some user bothers you by bypassing your protections, infecting stations and other things like that, talk with him 
one, two, and three times, and if that doesn't work talk with the HR area about it. After the first "evil user" is fired, all 
the others will act like sheep and respect your authority.

Here are my 2 cents.


-----Original Message-----
From: listbounce () securityfocus com [mailto:listbounce () securityfocus com] On behalf of Rob
Sent: Tuesday, June 14, 2011 14:58
To: larrywidmyer () yahoo com; security-basics () securityfocus com
Subject: Re: Best practices for preventing malware in a small business environment?

Create an ACL to deny execute permission for the temp folders for non-admin accounts.

Rob
------Original Message------
From: larrywidmyer () yahoo com
Sender: listbounce () securityfocus com
To: security-basics () securityfocus com
Subject: Best practices for preventing malware in a small business environment?
Sent: Jun 13, 2011 8:03 PM

I'm concerned with my company's employees contracting rootkits via normal websurfing and wanted to find out if there's 
a good way to prevent this from happening.  Antivirus software on the PCs helps a little, but it still doesn't catch 
everything.  Is there something else that can be implemented on my network to help prevent malware being installed 
through websurfing?

------------------------------------------------------------------------
Securing Apache Web Server with thawte Digital Certificate
In this guide we examine the importance of Apache-SSL and who needs an SSL certificate.  We look at how SSL works, how 
it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase, 
install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are 
highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates.

http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1
------------------------------------------------------------------------



Sent via BlackBerry by AT&T



