CyberSecurity & Small Business: Anti-Virus

CyberSecurity
CyberSecurity

In part 1 of Cyber Security & Small Business I touched on three areas of interests where Small Business owners should focus their attention.  This article will focus on understanding Anti-Virus software.  According to US-CERT Anti-virus software (sometimes more broadly referred to as anti-malware software) looks for patterns based on the signatures or definitions of known malware. Anti-virus vendors find new and updated malware daily, so it is important that you have the latest updates installed on your computer.

Once you have installed an anti-virus package, you should scan your entire computer periodically.  A rule of thumb is to setup your anti-virus to scan at least once a day automatically.  If you turn off your computer daily then you want the computer to be scanned when you first turn it on or before you turn it off.  If you keep your computer running 24-7 like I do then you will want to scan at the end of each surfing activity plus have a automatic scan to happen which I setup to do in the early morning hours.  ***NOTE***  If you have kids that surf the internet and play online games outside of your gaming consoles you will want to scan your computer after each internet session.  It is also very extremely important that any pop ups that occur will anyone is surfing that you take the time and read what has popped up.  Many times we just click OK  which gives the permission for the Malware or Virus software to be downloaded to the computer.  This I consider to be the first point of failure because the end user has allowed access.

There are two types of Viruses or Malware that small business owners need to be made aware of because these two will be the most costly to repair your systems if they become infected.  The are known as Ransomware. There are two basic types of ransomware in circulation. The most common type today is crypto ransomware, which aims to encrypt personal data and files. The other, known as locker ransomware, is designed to lock the computer, preventing victims from using it.

Locker ransomware is designed to deny access to computing resources. This typically takes the form of locking the computer’s or device’s user interface and then asking the user to pay a fee in order to restore access to it. Locked computers will often be left with limited capabilities, such as only allowing the user to interact with the ransomware and pay the ransom. This means access to the mouse might be disabled and the keyboard functionality might be limited to numeric keys, allowing the victim to only type numbers to indicate the payment code.

Crypto ransomware is designed to find and encrypt valuable data stored on the computer, making the data useless unless the user obtains the decryption key. As people’s lives become increasingly digital, they are storing more important data on their personal computers and devices. Many users are not aware of the need to create backups to guard against hard disk failures or the loss or theft of the computer, let alone a possible crypto ransomware attack. This could be because users don’t have the knowhow or don’t realize the value of the data until it is lost. Setting up an effective backup process requires some work and discipline, so it’s not an attractive proposition for the average user. Crypto ransomware targets these weaknesses in the typical user’s security posture for extortion purposes.

For many businesses, information and the technology to use it is their life blood, without which the act of conducting day-to-day business is impossible. Consider a retailer running a computerized point-of-sale (POS) system. If the POS system was unavailable due to a ransomware infection, the retailer would not be in a position to transact sales. Business computers are also more likely to contain sensitive data and documents of critical importance, such as customer databases, business plans, proposals, reports, source code, forms, and tax compliance documents. Modern crypto ransomware threats can enumerate all accessible drives, such as local file-share servers, and encrypt files on these as well. This means more than one system can be impacted by just a single crypto ransomware infection. The loss of this information could have a catastrophic impact on the business. While many companies have backup and disaster recovery plans, there are still many who do not. Some organization’s disaster recovery plans may not extend to cover the individual end users. Even if the businesses had plans, it is quite possible that they have not been tested and may not work as expected when required. These factors make individual business users a viable target for traditional crypto ransomware.

This is just a more information that the small business owner can use to become knowledgeable to protect their business.  I would like to thank Symantec and US-CERT  for providing information  that will allow Small businesses to become more secure.

If you enjoy The Buckster and the information we provide please sign up as a subscriber today!

Let us know your thoughts and comments
The Buckster: EC&B Solutions Inc. ALL RIGHTS RESERVED

Corporate Site – www.nhancedbizsolutions.com

Social Media

Follow us on Twitter @ecnbsolutions

Follow us on facebook.com/ecnbsolutionsinc.

EXPERIENCE YOUR VISION

THE ECNB BLOG - A RESOURCE FOR SMALL

Advertisements

Published by: ecnbsolutions

"Imagine it. Try it. Prove it. Do it!" The only thing holding you back is YOU!!! Mark Alexander is Founder and President of EC&B Solutions Inc., a consulting firm that provides Information Technology services to corporations and Federal Government Agencies. EC&B Solutions Inc. is a certified minority, disabled veteran owned corporation that has been established since September 2006. Beginning as a Systems Administrator with the US Air Force Mr. Alexander has served his country in such operations as Joint Task Force / Southwest Asia and South Korea. Mr Alexander has been an innovative team member for other prestigious organizations such as El Paso Corporation serving as a Database Administrator, Dixie Chemical Company serving as the Lead Systems Administrator and Desktop Support Manager, National Aeronautical Space Administration (NASA), TransOcean Drilling Company providing IT & Electronic Support for Deepwater Drilling Operations. While at NASA Mr. Alexander was involved with the Systems Infrastructure project for the mission to Mars. Mr. Alexander has served on the Board of the Bates Clinic, A Social Services Non-Profit Organization located in Missouri City Texas providing services to young single mothers. Currently, Mr. Alexander is working as a consultant with the Houston Area Urban League as their Job Developer for the Urban Youth Empowerment Program as well as the Urban League’s Webmaster and Social Media Guru. Mr. Alexander was instrumental in providing IT Services to such organizations as Department of Homeland Security, Department of Air Force, Department of Army, and the Justice Department. Mr. Alexander is also the author of his first booked named Be Sober, Be Vigilant: Battle Tested Principals to Building the Foundation Of Your Dreams. It is Mr. Alexander’s goal to become a global leader in Information Technology touching all seven continents.

Categories UncategorizedLeave a comment

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s