Here are the best practices to use to reduce malware effects on a machine:
Only authorized devices are allowed. Only devices that have been approved by the main system should be allowed. The use of personal USBs, music players and smartphones should be prohibited. It is important to scan the device for malware and other malicious software.
Organizations should create a policy for patching and updating their operating systems on a regular basis. The policy should outline the procedures for looking for patches from vendors. It should also name the person responsible for patching/upgrading and monitoring devices after updates/patching. Updated Antivirus: To ensure that the latest virus definitions are available, it is necessary that anti-virus programs are set up to automatically update. Each device must be kept up-to-date as one vulnerability can cause complete security failure.
Monitor changes. It is essential to have a policy in place to ensure that there are no unexpected behaviors of devices. This could cause security lapses. It is important to thoroughly analyze the effects of any change and, in the unlikely event of failure, to have a mechanism for rolling back.
Local firewall: Every device, mobile or laptop, must have a local firewall. It will detect and track incoming and expending data and keep track on devices being updated.
Vulnerability scanning is an essential part of preventing the threat. Any tool or script that mimics malware is used. After scanning results are analyzed, it is possible to identify weak points on the machines. It is important to immediately secure any vulnerable machine.
Proxy servers and Web content filter should both be used. This will prevent users from being unknowingly redirected towards malicious websites. Only Web server can connect to the internet via HTTPS or HTTPS protocols.
Email filtering: Allow malicious attachments to be filtered and continue monitoring.
Log monitoring: Only firewalls, anti-virus software and firewalls are allowed to monitor logs. Not recommended as a last resort against malware. Logs from proxy servers, firewalls, DNS and DNS servers are all important. Monitored on a daily basis.
What happens if machines get infected? It is imperative that all data sent to other networks be stopped immediately. To determine the systems and their causes, analyze logs. If you find any software or utilities that are not working, start to analyze them and if possible remove them.
