We think that we know about computer viruses, which may make us blasé about Internet security risks. However, just because we know the names of a few viruses does not mean that we can drop our guard on IT security. On the contrary, never has the IT/CT environment harboured more security risks than it does right now.
First, some viruses never show themselves on the system they have attacked. They use it as a host from which to spread to other systems which, on identifying the infected computer, may decide to exclude or delay e-mail and web traffic from that business, with potentially serious competitive consequences.
Hackers do not even need to get into a computer. By using a device called a "sniffer", they can monitor and record all telephone traffic to and from a computer to collect usernames, passwords and PIN numbers plus other data.
The next tune in the hacker's repertoire is often known as Spyware. It may do nothing more than provide its instigator with marketing information. However, even that can be irritating, and Spyware programmers may not design it very efficiently. An early sign that a PC is harbouring Spyware is slow running; other signs could be the appearance of an unusual toolbar on the web browser or an increased frequency of "pop-up" adverts, and may even extend to the PC logging unbidden onto unwanted web sites. All of these waste resources and indicate a wide-open door into the system.
And then there is the security threat of the moment, the Trojan Horse, designed to compromise your system. Often arriving as an e-mail attachment offering a free game or screensaver or access to pornography, Trojans are executable programs that, once opened, integrate themselves with the system. Simple ones may log keystrokes to steal information and passwords; more sophisticated ones such as the tastefully named "Back Orifice" or "Sub Seven" give full control of a PC to the hacker behind the attack to access data and interact with any network with which the PC is linked. At worst, a Trojan Horse may be impossible to remove except by rebuilding the system and even then, it will never be certain that a key has not been left somewhere for the hacker's future use. There could not be a greater threat to IT security.
The perennial threat is from staff, usually through opening the attachment to an e-mail from an unknown source. But sometimes the threat is malice or plain carelessness, such as copying an e-mail in to an unintended recipient.
However, there are steps that any business can take to avoid and, in the worst case, deal with the above threats.
The first and most important is staff training, with rules for using the Internet, and supervision. Formulate a company policy on IT security, communicate it to all staff and then make sure it is followed. At the very least, no e-mail attachment should be opened unless it is expected and from a known source, and e-mails should not be sent until the sender has checked that no unintended recipients have been included.
Using the "Reply All" button on an old e-mail from the intended recipient is lazy and, where an e-mail is not a reply, should not be used. It is far safer to create a new mail to only the intended recipients. Also, staff should be taught how to create memorable but unique passwords, not to keep them on a Post-it® note stuck to the PC monitor, and to change them regularly.
Any commercially sensitive or critical data should be encrypted but, of course, encryption requires that the recipient be able to read the information, so they will need a decryption key. Modern "two key" encryption systems use a common or "public" key, which will be the same for senders and recipients of information, plus a "private" key unique to each party and without which the "public" key cannot work.
More familiar to readers will be Internet Security software such as Norton and McAfee, which can be very effective at excluding or isolating e-mails and attachments that contain unfamiliar material or known threats. These work very well as long as they are regularly updated, to take account of the latest threats, and used to scan the system.
Firewalls sit between the protected system and the outside world of the Internet. They can be configured to restrict connections to known web sites but that may be restrictive for someone whose job requires looking at a lot of sites for, say, purchasing requirements. More discerning firewalls are available but they cost more. Similar are Intrusion Detection Systems (IDS) and Intrusion Prevention Systems (IPS). All of these tools will only be as good as the care with which they are set up and used.
A very effective and free step for Microsoft Windows XP users is to download "Windows Service Pack 2" (SP2), which will activate protections already in the system and will schedule automatic updates and enhancements. SP2 provides a useful firewall with protection against Trojan Horses, Spyware and other uninvited software.
To locate, remove and prevent future intrusions from unwanted software, use a specialist tool such as Ad-Aware from Lavasoft or Spybot Search & Destroy (S&D), both available as free downloads. Some Spyware is resistant to normal "Delete" or "Uninstall" commands but these tools can get around that.
As is often the case, while there are a lot of tools available, for the best IT security nothing can beat vigilance and the application of common sense by users.