Malware Management in the Enterprise - Essay Example

Summary
This paper, 'Malware Management in the Enterprise', states that malware is specially designed software, equipped with unwanted spyware, that can cause serious damage to computer systems and even to the data and information stored on a particular system. There are different malware instances…

Extract of sample "Malware Management in the Enterprise"

Malware Management in the Enterprise

Malware is specially designed software, equipped with unwanted spyware, that can cause serious damage to computer systems and even to the data and information stored on a particular system. There are many different kinds of malware. To combat them properly, the user needs up-to-date anti-malware products built on standard approaches, which means products that carry the latest malware signature information. Every business or enterprise ought to follow this classic approach, with the “just-on-time” feature that entails malware information assessment and handling (IATAC, 2009).

Background

Malware problems are ever growing and continue to be a nuisance for computer users. The production of malware programs has continued to increase over the years, and by 2010 there were 14 million different malware programs recorded. An astonishing 60,000 pieces of malicious code were being discovered every single day. A fairly recent worm known as Koobface surfaced; its purpose was to target people on social networks, and its creators profited by making 2 million dollars in one year. A worm known as Mariposa is known to have created the largest network of zombie machines on the entire planet. Experts, despite their best efforts, could not calculate its exact size; however, they were able to pinpoint the number of computers infected by Mariposa, which was over 12 million. The worm dropped spyware that stole sensitive information from its victims, including bank account numbers and credit card credentials. The scheme was planned entirely by a solitary hacker in Spain, who happened to make a blunder that exposed him, and he was arrested (Milosevic, 2010).
Forms of Malware

Web attacks are counted among the most subtle and dangerous methods cyber criminals use. For instance, a user may browse sites that seem good and harmless but that, behind the scenes, are loaded with harmful malware which is secretly downloaded to the visitor's PC. Cyber criminals weigh up their chances and then set up a hijack. The advertising banners on these sites are most often used for this purpose, so it is extremely important that enterprises place security barriers between the company's systems and the internet (Baloch, 2011). Other forms that malware can take include:

  • Botnets
  • Instant messaging
  • Phishing attempts
  • Skype malware
  • Gaming malware
  • Redirects

If an administrator fails to act immediately once he or she has recognized the entry of malware, a door has been opened for criminals to siphon personal information from the computer. In the fight against malicious software, it isn't enough to treat individual infected machines.

Enterprise Strategy for Fighting Malware

Too often, organizations make the error of treating malware infections as a series of isolated occurrences. Any time a bug is discovered, IT merely cleans up or rebuilds the affected host and the whole system moves on with routine operational tasks. This approach does not allow the enterprise to keep up with the increasingly aggressive and innovative attack techniques used by malware authors. This is when management needs to take corrective action against malware that bypasses defenses, evades detection, and resists efforts to get rid of it (Zeltser, 2011). In fact, combating malware, whether in a big or a small enterprise environment, requires locating suspicious programs on servers and workstations and then executing a strategy for removing them.
However, it should also involve investigating the infected areas and determining what can interfere with malware's use of the network. To win the battle for security, enterprises should discover how malware proliferates and attempt to eradicate such infections before they escalate into widespread outbreaks (mhprofessional, 2009). Ultimately, in a large enterprise setting, where thousands of computers are loosely connected to perform various tasks, malware incidents should be treated as components of a holistic security incident cycle. The cycle contains four major phases:

  • Plan
  • Resist
  • Detect
  • Respond

To fight malware, the system needs to be deployed in-line, with a gateway device inserted between the local network and the internet, rather than connected to a tap/SPAN port. These trends have created a greater need for security, since lists of IP addresses and URLs cannot be kept up to date given the rapid spread of new malware. Thorough, deep examination of network traffic is also an effective method of ridding the network of malware. Malware monitoring software can instantly detect and report malware, after which the administrator can manually clean up the damage. This methodology is effective but nearly infeasible and quite cumbersome (Zeltser, 2011).

The CIA Triad

The CIA Triad is a respected and widely acknowledged model for security policy development, used to locate problem areas and identify the necessary solutions for information security. The CIA in CIA Triad represents Confidentiality, Integrity, and Availability. The CIA Triad is a new model of security which has been introduced and designed to assist individuals in thinking about the significant features of IT security, or perhaps to give someone a way to make money from another catchphrase (Kinamik, 2007).
Confidentiality

Confidentiality is about safeguarding the enterprise's most critical information and data from unauthorized access. Protecting confidential information hinges on defining and implementing the right access levels for that information. Doing this often involves separating information into several distinct collections, organized by who has access to the information or by how sensitive the information actually is, i.e., how much damage would be suffered if its confidentiality were breached. The general methods of controlling confidentiality on stand-alone systems include conventional Unix file permissions, access control lists and volume encryption, as cryptography plays an important part in securing information (Kinamik, 2007).

Integrity

The letter ‘I’ in CIA represents Integrity, more specifically information integrity. The important aspect of this component of the CIA Triad is protecting information from alteration or deletion by unauthorized parties, and ensuring that when authorized people make a modification that should not have been made, the damage can be undone quickly and accurately. Some data must never be improperly modifiable at all, for instance user account controls, because even a momentary alteration can lead to significant service interruptions and privacy violations. Other information needs to be much more readily available for modification than such strict controls would allow. Again, all of this should be designed so that changes can be reversed as far as possible when they are later regretted, such as files deleted by mistake. In these circumstances, version control software and timely backups are the main security measures commonly used to ensure integrity (Sengupta, 2011).
Availability

The CIA Triad’s last word represents Availability of information. Systems, access channels and authentication mechanisms all need to be working properly so that the information they provide and protect can be accessed whenever it is required. High availability (HA) systems are computing resources whose architectures are specifically designed to improve availability. Depending on the specific HA system design, it may target power outages, upgrades, and hardware failures to maintain availability. It may manage multiple network connections to route around network outages, or it may be designed to deal with potential availability problems such as Denial of Service attacks. Numerous approaches to improving availability exist, such as failover redundancy systems, HA clusters, and rapid disaster recovery capabilities, for instance in the case of image-based boot systems. If a particular business activity requires maximum uptime, all of these options must be considered in depth (Kinamik, 2007).

Symantec Malware Protection

The threat landscape has changed and cybercrime is rampant. Corporations cannot rely exclusively on desktop antivirus technology to safeguard themselves. Following the steps below can improve the protection of desktops running Symantec Endpoint Protection and stop malware (Paper, 2011; Musthaler, 2011; Symantec Corporation, 2013).

  • Use IPS (Network Threat Protection): The Intrusion Prevention System (IPS) in Symantec Endpoint Protection stops threats before they can penetrate a machine. IPS stops vulnerability exploitation, drive-by downloads and fake AV installation (Musthaler, 2011; Symantec Corporation, 2013).
  • Improve default Symantec Endpoint Protection settings: Get the most out of the Symantec Endpoint Protection product by strengthening its default settings. Only a couple of setting changes can make a big improvement to security (Musthaler, 2011; Symantec Corporation, 2013).
  • Keep browser plug-ins patched: Attacks have moved to the browser. Users should make sure that an attacker cannot use a Microsoft Internet Explorer, Adobe Reader, Acrobat or Flash vulnerability to launch an attack on a system. Software should be kept regularly updated, using the updates provided by its vendors or software distribution tools to install patches that safeguard against attacks (Musthaler, 2011; Symantec Corporation, 2013).
  • Block P2P usage: The simplest way to distribute malware is to hide it inside files shared on peer-to-peer (P2P) networks. The enterprise should enforce a no-P2P policy, including for home use of a corporate machine. Enforce the policy at the gateway and/or the desktop. Learn more about using Symantec Endpoint Protection’s application control to block P2P at the desktop (Musthaler, 2011; Symantec Corporation, 2013).
  • Turn off Auto Run: Disable the Auto Run feature, as various network-based worms jump from USB ports and network drives to an otherwise secure system (Musthaler, 2011; Symantec Corporation, 2013).

Conclusion

A few antivirus programs can protect against malware; however, the first step in solving a problem is identifying it. For a long time, antivirus programs were not as familiar with virulent malware as they should have been, and malware scanners were overlooked, but these days that is changing rapidly. In the meantime, there are a few measures one can take to fight malware on one's own terms, starting with locking down the system to protect privacy. Securing and locking down the web browser is the first step against malware.
One can then try to use only applications that he or she is familiar with, or well-known applications that have been trusted by thousands. This is simple advice that a huge number of people neglect to follow. However, the most crucial step in protecting yourself against malware of all sorts is to get rid of suspicious emails or texts. If a message is from an unknown source, remove it instantly, and if still in doubt, take protective measures by installing malware scanners and removal tools. There are numerous programs, worth every single penny, that help remove malware.

References

Baloch, R. (2011). An Introduction To Keyloggers, RATS And Malware. Retrieved April 16, 2013, from expect-us.net: http://expectus.net/files/An%20Introduction%20To%20Keylogger,%20RATS%20And%20Malware.pdf

IATAC. (2009). Malware. Retrieved April 16, 2013, from http://iac.dtic.mil/: http://iac.dtic.mil/csiac/download/malware.pdf

Kinamik. (2007). The CIA triad. Retrieved April 16, 2013, from Kinamik Data Integrity: http://www.kinamik.com/download/Kinamik-Whitepaper_CIA.pdf

mhprofessional. (2009). Attacks and Malware. Retrieved April 16, 2013, from mhprofessional.com: http://www.mhprofessional.com/downloads/products/0072255099/0072255099_ch15.pdf

micromail. (2011). Symantec™ Endpoint Protection. Retrieved April 16, 2013, from micromail.com: http://www.micromail.com/files/admin/uploads/W285_Field_2_58491.pdf

Musthaler, L. (2011, March 21). Best practices for stopping malware and other threats. Retrieved April 12, 2013, from NetworkWorld.com: http://www.networkworld.com/newsletters/techexec/2011/031811bestpractices.html

Milosevic, N. (2010). History of malware. Retrieved April 16, 2013, from cryptome.org: http://cryptome.org/2013/02/malware-history.pdf

Paper, W. (2011). Malware Security Report: Protecting Your Business, Customers, and the Bottom Line. Retrieved April 16, 2013, from verisign.com: http://www.verisign.com/verisigntransition101/files/MalwareSecurityReport.pdf

Sengupta, P. (2011). The CIA Triad. Retrieved April 16, 2013, from electracard.com: http://www.electracard.com/upload/images/The%20CIA%20Triad.pdf

Symantec Corporation. (2013). Security Best Practices. Retrieved April 12, 2013, from http://www.symantec.com/theme.jsp?themeid=stopping_malware

Zeltser, L. (2011). Introduction to Malware Analysis. Retrieved April 16, 2013, from zeltser.com: http://zeltser.com/reverse-malware/intro-to-malware-analysis.pdf
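
The "Turn off Auto Run" recommendation in the Symantec section can be audited on Windows through the NoDriveTypeAutoRun policy value. The following is an added example, not part of the original essay or of Symantec's guidance: it decodes the value's drive-type bits and flags hosts where AutoRun is not disabled for removable (USB) or network drives. The host names and sample values are constructed.

```python
"""Audit the Windows AutoRun policy (added example, not from the essay)."""
import sys

# NoDriveTypeAutoRun is a bit mask: a SET bit disables AutoRun for that drive type.
DRIVE_BITS = {
    0x01: "unknown",
    0x04: "removable",  # USB sticks and similar media
    0x08: "fixed",
    0x10: "network",
    0x20: "cdrom",
    0x40: "ramdisk",
    0x80: "reserved/unknown",
}
# The essay names USB and network drives as the paths worms use.
REQUIRED = 0x04 | 0x10
POLICY_KEY = r"SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer"


def autorun_enabled_types(value):
    """Drive types whose bit is clear, i.e. not disabled by this value."""
    return [name for bit, name in DRIVE_BITS.items() if not (value & bit)]


def assess(value):
    """'missing' if the policy value is absent, else 'ok' or 'weak'."""
    if value is None:
        return "missing"
    return "ok" if (value & REQUIRED) == REQUIRED else "weak"


def read_policy(hive_name):
    """Read the live value from one registry hive (Windows only)."""
    import winreg
    try:
        with winreg.OpenKey(getattr(winreg, hive_name), POLICY_KEY) as key:
            value, _ = winreg.QueryValueEx(key, "NoDriveTypeAutoRun")
    except FileNotFoundError:
        return None
    # The value may be stored as REG_DWORD (int) or REG_BINARY (bytes).
    return int.from_bytes(value, "little") if isinstance(value, bytes) else int(value)


def report(values):
    """One summary line per source (hive or host name)."""
    lines = []
    for source, value in values.items():
        if value is None:
            lines.append(f"{source}: not set -> missing (no policy applied here)")
            continue
        still_on = ", ".join(autorun_enabled_types(value)) or "none"
        lines.append(f"{source}: {value:#04x} -> {assess(value)}; not disabled for: {still_on}")
    return lines


if __name__ == "__main__":
    if sys.platform == "win32":
        values = {h: read_policy(h) for h in ("HKEY_LOCAL_MACHINE", "HKEY_CURRENT_USER")}
    else:
        # Constructed sample values so the example also runs off Windows.
        values = {"host-a": 0xFF, "host-b": 0x91, "host-c": None}
    print("\n".join(report(values)))
```

A value of 0xFF disables AutoRun for every drive type; any value with bit 0x04 or 0x10 clear leaves one of the two paths named in the essay open.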