Worms like Frethem.K, which spread last week, share a common theme: namely, a few steps could have prevented companies from getting them in the first place.
SearchSecurity's editorial team has compiled a list of five fairly easy things to do to remain virus-free. The list has been culled from recent discussions with security professionals and industry analysts. The tips don't involve any new hardware or software, and some items on the list may not fit all organizations, but following these tips will protect against many of the viruses and worms out there today.
Keep your antivirus software updated! Antivirus experts suggest updating software daily and especially when you hear of a new virus. Install proper security patches from manufacturers. As many as 90% of viruses affect known vulnerabilities, so make sure you are on your antivirus software vendor's mailing list.
Educate your users about proper e-mail security. Often you are the best (or worst) line of defense against viruses. You should never open an e-mail attachment unless you are sure of what it is -- even if it came from your mother. Call or e-mail the sender to confirm they actually sent you the message. Be wary of e-cards. These files can be viruses in disguise. You may be so overcome with glee at receiving such a greeting that you forget sound security practice.
Consider restricting Web-based e-mail. Some observers credited the success of the recent Klez worm to workers checking their personal e-mail accounts at work. Accessing Web-based messages often circumvents a company's antivirus protections. Restricting it would naturally require greater control over the browser configuration, which isn't a bad idea either.
Block executable files at the gateway. If someone legitimately needs to send an executable file, then it can be zipped. More likely, these files are viruses. Other files to consider blocking are .scr (screensavers), .pif and .bat. Very few people will have reasons to send these file types via e-mail.
Consider blocking instant messaging at work. File-share capabilities could allow a user to download a virus, circumventing antivirus and firewall controls. You should not have IM running when logged onto the VPN. It's a back tunnel for crackers!
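One way to apply the tip on blocking executable files at the gateway, as an added example rather than code from the article: a Python check that lists the attachments in a message whose final extension is blocked. The `.exe` entry, the function names and the sample message are assumptions made for illustration.

```python
import email
from email import policy

# .scr, .pif and .bat are named in the tip; ".exe" stands in for
# "executable files" (assumption: the article does not list extensions).
BLOCKED_EXTENSIONS = {".exe", ".scr", ".pif", ".bat"}


def is_blocked_name(name: str) -> bool:
    """True if the attachment's final extension is on the block list."""
    # Windows ignores trailing dots and spaces, so "a.scr. " still runs.
    cleaned = name.strip().rstrip(". ").lower()
    dot = cleaned.rfind(".")
    # Only the last extension decides how the file is opened, which is
    # why "card.jpg.scr" counts as a screensaver, not an image.
    return dot != -1 and cleaned[dot:] in BLOCKED_EXTENSIONS


def blocked_attachments(raw_message: bytes) -> list[str]:
    """Return the filenames in a raw message that the gateway should block."""
    msg = email.message_from_bytes(raw_message, policy=policy.default)
    # walk() visits every MIME part, including parts of forwarded messages.
    names = (part.get_filename() for part in msg.walk())
    return [n for n in names if n and is_blocked_name(n)]


# Constructed sample message: one disguised screensaver and one zip file.
SAMPLE = (
    b"Subject: You have received an e-card\r\n"
    b"MIME-Version: 1.0\r\n"
    b'Content-Type: multipart/mixed; boundary="b1"\r\n'
    b"\r\n"
    b"--b1\r\n"
    b"Content-Type: application/octet-stream\r\n"
    b'Content-Disposition: attachment; filename="Card.JPG.SCR"\r\n'
    b"\r\n"
    b"placeholder\r\n"
    b"--b1\r\n"
    b"Content-Type: application/zip\r\n"
    b'Content-Disposition: attachment; filename="tool.zip"\r\n'
    b"\r\n"
    b"placeholder\r\n"
    b"--b1--\r\n"
)

if __name__ == "__main__":
    print(blocked_attachments(SAMPLE))
```

The zipped file passes, as the tip allows; the check looks only at filenames, not at what an archive contains.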