New danger from web pages. We only used to have to worry about email, but new (mostly java based) attacks can come from simple browsing.
Your main defense (assuming you are a Windows user) is to keep up with Microsoft Updates. Unfortunately, that can cause its own share of difficulty. I did this recently at a small office: four of the five machines took Windows Updates successfully, but the fifth would not reboot. It took about an hour of work to get that machine back up and running. Regardless of that risk, these updates need to be done, and you need to check back for new updates very regularly.
One thing to be aware of if you haven't done these updates for a while: the default result is to turn off the ability to save attachments in Outlook Express. While that is good security, you may need to be able to save attachments. It's easy enough to turn back on (Tools->Options->Security) if you do need it.
Another defense is to control where users can browse. The Kerio Firewall server that I sell can prevent access to unauthorized sites both by category (sex, sports, gambling) and individual domains. It's completely flexible: if you have certain users who can't be restricted or need different restrictions, that is easily done.
MOVING FROM WINDOWS
I have had a number of contacts recently from people asking me how they can "get away from Windows". The problems they cite are the poor record for Microsoft in the area of security and viruses and (probably more importantly) the increasing expense of Microsoft software.
For most companies, you really cannot avoid Microsoft 100%. If you are fortunate enough to run Unix based server software, you probably still are dependent upon Windows programs like Microsoft Word or Powerpoint. Expensive as they are, many of you just cannot operate without them.
However, the situation isn't totally bleak. You don't have to be completely "held hostage" (I've heard that phrase often recently). See Held Hostage for more on that.
Got something to add? Send me email.
More Articles by Tony Lawrence © 2011-03-20 Tony Lawrence