If you use a computer, you are at risk of having your device infected with malware; however, listed below are some useful tips for preventing malware infections.
Unfortunately, signature-based anti-malware software is far less effective at preventing infections than in years gone by. Malware developers are now using a wide range of strategies and techniques to prevent traditional anti-malware solutions from detecting and blocking infections.
Rely on anti-malware or anti-virus software alone and sooner or later you may find your device has been compromised, your keystrokes are being logged, and your – or your organization’s – data are being stolen.
However, there are some straightforward strategies that you can adopt to prevent malware infections and keep your computer, and your network, malware-free.
10 Tips for Preventing Malware Infections
Backup Your data
OK, a data backup will not prevent a malware infection, but it can help you recover if your computer is infected with ransomware or if your data are corrupted as a result of an infection – or removal of malware. The only way to recover from some infections is to wipe out your system and restore it from a previously known safe point. You must therefore have a safe point that you can use. Nightly backups should be performed. You only then stand to lose 24 hours of data at most.
Keep your malware definitions up to date
Anti-malware software may not be as effective as it once was, but you do need to give it a fighting chance. If you do not keep your definitions 100% up to date you are asking for trouble. This may sound obvious, but many organizations delay updating malware definitions for forget to set software to update automatically on all devices.
Never click on links or open email attachments from unknown senders
Cybercriminals target employees as it is far easier to gain access to a corporate network if an employee bypasses their organization’s defences and installs malware. All it takes is for one employee to install malware for attackers to gain a foothold in a network. Ensure that all employees receive anti-phishing training and have at least basic IT security skills. Most data breaches start with a phishing email.
Ensure operating systems and software are patched promptly
Operating systems, firmware, and all software must be kept up to date. As soon as patches are released, cybercriminals will be reverse engineering them to uncover the vulnerabilities. Don’t delay applying patches. Good patch management policies are essential for preventing malware infections.
Watch out for shadow IT
Downloading pirated software is an excellent way to infect computers with malware. Pirated software is often bundled with malware, spyware, and all manner of nasties. Block the running of executables and keygens if practical. Only install software from trusted sources. As an additional check, before installing software, check the software provider’s MD5 hash against your copy. If it’s a match, install. If not, delete.
Take care with USB drives
Not all malware comes via the web or email. USB drives can easily introduce malware. Make sure your anti-malware solution is configured to automatically scan USB drives before granting system access and never plug in a drive from an unknown source.
Perform regular malware scans
Having anti-virus and anti-malware software will not necessarily mean your system is protected. Full system scans should still be performed. Some infections can slip under the radar. A full scan should be performed at least once a month.
Keep abreast of the latest malware trends
You may have limited time, but it is important to keep abreast of the latest attack trends, cyberattacks, data breaches, and threat reports. Check the warnings from US-CERT, and monitor websites such as DarkReading, CIO, CISO, and The Register. A little research goes a very long way.
Keep mobile devices protected
Mobiles can easily be used to introduce malware onto networks to which they connect. Mobiles are often used on unprotected Wi-Fi hotspots, and the devices are increasingly being targeted by hackers. Ensure security software is installed on mobile devices and security settings on phones are active.
Use a firewall, web, and Wi-Fi filtering
A firewall is essential tool for preventing malware infections, although businesses should consider purchasing a next generation firewall device. Next generation firewalls combine a traditional firewall with other network device filtering functionalities. Web and Wi-Fi filtering solutions are also important. By filtering the Internet, it is possible to prevent drive-by malware downloads and carefully control the risks that employees take.