Is it a common practice to deny/filter e-mails that contain files with macros?

In this Ask the Expert Q&A, resident network security expert, Mike Chapple, discusses whether it a common practice to deny/filter e-mails that contain files with macros.

University of Notre Dame

Is it a common practice to deny/filter e-mails that contain files with macros? I currently have our firewalls set to deny VBA's and macro-laden files, but we need to send some files back and forth to headquarters and subs. Are there alternative setups or should we not worry about blocking macros?

At this point in time, I'd say it's standard practice for organizations to use an antivirus scanner on all inbound e-mails. In fact, you'd be hard-pressed to find anyone who doesn't. Worm outbreaks like Melissa and ILOVEYOU in the late 1990s forced everyone's hand in that respect.

The whole idea of blocking various classes of e-mail can be somewhat tricky and controversial. I know of organizations that block all documents containing scripts, while others block all compressed files because they might be encrypted. This really comes down to a business decision. If you have a business need for these files, you probably don't want to block them completely. It's reasonable to rely on your mail server's antivirus software to detect and remove malicious scripts. On the other hand, if you're able to clearly identify those senders (say everyone at foo.com) that need to exchange script-laden files, you might want to configure your server to reject these attachments from anyone else.

This was last published in April 2006

Dig Deeper on Malware, virus, Trojan and spyware protection and removal

All
News
Get Started
Evaluate
Manage
Problem Solve

Related Q&A from Mike Chapple

How to prevent DoS attacks in the enterprise

It's not possible to eradicate the risk of DoS attacks, but there are steps infosec pros can take to reduce their impact. Mike Chapple shares ... Continue Reading

How should HIPAA covered entities respond to healthcare ransomware?

The HHS OCR ruled that healthcare ransomware attacks are HIPAA violations, so these covered entities need to react according to the HHS's guidance. ... Continue Reading

Should healthcare organizations follow the NIST guidelines for HIPAA?

HIPAA regulations incorporate NIST guidelines and standards, so do healthcare organizations need to be compliant with both? Expert Mike Chapple ... Continue Reading

Have a question for an expert?

Please add a title for your question

Get answers from a TechTarget expert on whatever's puzzling you.

Meet all of our Information Security experts

View all Information Security questions and answers

SearchCloudSecurity

How to deploy deep packet inspection in the cloud

Despite privacy concerns about deep packet inspection, it can help improve cloud network security for enterprises. Expert Frank ...

The security implications of serverless cloud computing

Cloudflare Workers is new for serverless cloud computing and introduces benefits and drawbacks for security professionals. Expert...

How to build a cloud security strategy after migration

Enterprises can face an array of issues when they migrate to the cloud. Learn about three of the main challenges and how to ...

SearchNetworking

What you need to know about intent-based networks

This compilation explores five pertinent questions about intent-based networking, including those about its benefits, why ...

SD-WAN cost savings hinge on underlying WAN technologies

SD-WAN marketing almost always mentions the benefit of cost savings. Cut through the hype and discover how SD-WAN works with MPLS...

Wireless network configuration basics: 5 steps to follow

Different wireless networks have different requirements. However, some common principles exist for strategizing your wireless ...

SearchCIO

Next-gen RPA bots automating job roles, not just tasks

Robotic software is moving beyond automating tasks to automating big pieces of certain job positions. Case in point: Automation ...

How AI cybersecurity thwarts attacks -- and how hackers fight back

IT leaders are using AI to take security to the next level. But how much security can AI provide? David Petersson examines where ...

Accenture predicts post-digital age where trust is the differentiator

The latest Accenture Technology Vision report calls out 'DARQ' technologies as the new must-have for CIOs and underscores the ...

SearchEnterpriseDesktop

5 Windows 10 security settings to tweak

Desktop security is crucial, and the default settings of Windows 10 can leave organizations vulnerable. Here are a few changes to...

New Zoho office application software includes AI feature Zia

Zoho's next generation office application software seeks to integrate business groups to contextualize the workplace with AI, ...

What IT needs to know about Windows 10 update troubleshooting

The Windows update process can cause a whole slew of problems for users and IT. Get acquainted with these Windows 10 update ...

SearchCloudComputing

Automation drives next wave of multi-cloud management tools

The current cloud landscape indicates a clear need for management tools that can span multiple platforms -- and they'll likely ...

Compare tools for multi-cloud Kubernetes management

For IT teams that need to manage Kubernetes deployments that span multiple cloud platforms, here are seven tools intended to ...

Control the cloud bill and avoid unexpected costs

Don't get discouraged by high cloud costs. Use these four tips to whip your bill into shape.

ComputerWeekly.com

Backup product approaches vary as they take aim at the cloud

Use of the public cloud for backup data is something all the backup software suppliers provide, but implementations range from ...

MWC 2019: 5G smartphones go live on Vodafone network

Vodafone has connected three 5G-enabled smartphones to a live network during trials in Spain

Breaking the chains: How FUD is holding the cyber sector hostage

The cyber security industry must move past fear tactics and get back to the basics of good cyber security practice

Dig Deeper on Malware, virus, Trojan and spyware protection and removal

Related Q&A from Mike Chapple

Have a question for an expert?

Start the conversation

0 comments

Register

Login

Forgot your password?

Your password has been sent to:

Please create a username to comment.