
Management of virus

1. Managerial / Administrative Control

The information resource manager, network manager or network administrator is responsible for the security of the system. These are the personnel who carry out the actual work and put controls in place as checks. Essentially, managerial or administrative controls are the functions carried out by the personnel mentioned above. Some of the activities they undertake include:
Configuration of Software:

  • Anti-virus software is configured to detect malware correctly and raise alerts.
  • It is also configured to run frequent checks on all incoming and outgoing email and data traffic to and from the organisation's servers.
  • Managers also need to configure the software to detect, delete or ignore any suspicious code in the system.
  • Software should also be configured for frequent updates and upgrades.
  • Managers also need to configure the software to run frequently and generate the required reports for management.

Installations and Documentation:

  • Managers and administrators are the personnel who take care of updating software, such as operating systems, productivity tools like Office applications and anti-virus tools, by actually carrying out the installations.
  • Every installation is documented by the managers so that users can refer to it for details such as the next update, the user manual, the maintenance process and the process to raise concerns.

Checks and Audits:

Regular checks are carried out by the administrators to make sure that:

  • Anti-virus software is not disabled.
  • All required software is installed in the right place and from authentic sources.
  • The required system scanning frequency is followed.
  • Required reports are generated for every user system and trails are maintained.

Managers also make sure that the various security processes are updated and communicated to all users, and that training programs are conducted as per the policies. The admin team strictly follows these processes and policies to set an example for others.

2. Procedural Control

Procedural control is a combination of various procedures laid out for the users of the systems to follow. Such procedures act as controls that protect against a malware disaster. The procedures include policies that make users follow certain rules while at work. Let us have a look at some of these procedures, which are best practices to follow.
Training:
With every new installation of software or hardware, users need to be made aware of its intricacies. An organisation is expected to have a training framework in place. Every user of a new system or installation must undergo training that makes them aware of the risks arising from infections.
Awareness of Admin Policies:

  • It is the responsibility of every organisation to make its policies visible to the system users. Whether users may carry an external hard drive to the office, access private email from an office system or access a specific website: all such policies, if any, should be made visible to every user.
  • Every user is also made aware of the mechanism to follow in case they come across any virus threat.

Data Storage Policies:

  • This requires special attention, since losing data may be the biggest loss to the organisation. A policy for storing data at a central place, or a data centre policy, is essential to ensure smooth functioning of the system.
  • The procedure for back-up and recovery of data is another important part of the policies that the organisation comes up with. This procedure is defined based on the size of the data as well as user levels.

Physical Security:
System security is important not only from the software perspective; physical security is equally important. In addition, system users may be checked at the entrance and exit points where systems are used at highly confidential establishments like nuclear plants or defence organisations.

3. Technical Control

Technical controls are the processes followed to check the working of the technology aspects of the network, servers, user access controls, system architecture, firewall etc. All such controls are defined in the policies and procedures laid down by the network and information systems teams of the organisation. These are the protection measures undertaken to secure the systems from virus attacks.
Network Architecture:

  • Identify and document all the connections in the network.
  • Prepare the network diagram and keep it updated to identify other connected networks.
  • Make sure all networks can be easily isolated if need be, or keep a plan ready to isolate any infected network.
  • Carry out analysis on every network where there are connections to the internet or other networks.
  • Identify the users connected to the network and keep the list updated.

Firewall:

  • Create rules when a firewall is installed in the system and keep the documentation updated for every rule that is amended.
  • Implement rules and procedures with role assignment at the time of installation.
  • Monitor and generate tracking reports at the right frequency.

Anti-virus Software:

  • Maintain updated versions of the software procured from the right vendors.
  • Document the software upgrade and maintenance schedule with the help of the vendor.
  • Follow the installation procedure as recommended in the software.
  • Configure the software as frequently as required to make sure that scanning and infection removal happen every time.

Access Control:

  • List and update the users of the system frequently.
  • Update the access controls in the form of rights allotted to every user.
  • Monitor and take corrective action as and when unexpected user access is identified.
  • Maintain an inventory of remote access users along with authentication checks.
  • Maintain an inventory of access times, time limits, privileges and access rights for all types of access, direct or remote.
  • Conduct checks and audits frequently.
  • Maintain checks for wireless users of the system.
  • Maintain and update password policies.
  • Keep an inventory of users and past users who might have left the organisation.

Back-up and Recovery Plans:

  • Organisations must have a disaster management plan in place. Frequent back-ups are taken on hard disks and stored in secure places.
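
The Access Control checks listed above (user inventory, past users, permitted access types and access times) can be run mechanically against an access log. The following is an added example, not part of the original post; the inventory layout, the log format and the user names are constructed for illustration.

```python
from datetime import datetime

# Constructed inventory (assumed layout): status, permitted access types, permitted hours.
INVENTORY = {
    "asha":  {"active": True,  "access": {"direct", "remote"}, "hours": (8, 20)},
    "bruno": {"active": True,  "access": {"direct"},           "hours": (9, 18)},
    "carla": {"active": False, "access": set(),                "hours": (0, 0)},  # past user
}

# Constructed access-log lines (assumed format): ISO timestamp, user, access type.
SAMPLE_LOG = """\
2024-03-04T09:15:00 asha remote
2024-03-04T22:40:00 bruno direct
2024-03-04T10:05:00 bruno remote
2024-03-04T11:30:00 carla remote
2024-03-04T12:00:00 dmitri direct
"""

def audit_access(log_text, inventory):
    """Return (line_no, user, reason) for every event that breaks the inventory."""
    findings = []
    for line_no, line in enumerate(log_text.splitlines(), start=1):
        parts = line.split()
        if len(parts) != 3:
            findings.append((line_no, None, "malformed log line"))
            continue
        stamp, user, kind = parts
        try:
            hour = datetime.fromisoformat(stamp).hour
        except ValueError:
            findings.append((line_no, user, "malformed timestamp"))
            continue
        entry = inventory.get(user)
        if entry is None:
            findings.append((line_no, user, "user not in inventory"))
        elif not entry["active"]:
            findings.append((line_no, user, "account of past user still in use"))
        else:
            if kind not in entry["access"]:
                findings.append((line_no, user, f"{kind} access not permitted"))
            start, end = entry["hours"]
            if not (start <= hour < end):
                findings.append((line_no, user, "access outside permitted hours"))
    return findings

if __name__ == "__main__":
    for finding in audit_access(SAMPLE_LOG, INVENTORY):
        print(finding)
```

Each finding maps to a corrective action from the list: disable the past user's account, review the unknown user, and check the out-of-hours and unpermitted remote sessions.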
