For corporate users:
- Deploy HTTP scanning: Given the prevalence of web-borne threats, it is highly
recommended to implement web-scanning systems in mid-size and large networks. It
is not enough to deploy them; users must also be unable to bypass them. The most
secure way to implement such a system is to force all web requests through the
scanning device and to deny any web traffic that does not pass through it.
Closing this gap is key in the fight against malware and spyware, since the web
has become the number one point of entry into the corporate network.
- Do not allow unneeded protocols into the corporate network: The most dangerous
are P2P file-sharing protocols and IRC (chat). Bots use both to propagate and to
communicate with their botmaster, so they should be blocked at the corporate
firewall.
- Deploy vulnerability-scanning software in the network: Keeping operating
systems constantly up to date minimizes the impact of any new network
vulnerability and reduces the risk of infection by these kinds of worms. It is
highly recommended to keep all other applications patched as well, especially
office productivity applications and any other software that users run.
- Restrict the privileges of all network users: Kernel-level rootkits are
implemented as device drivers, so denying users the right to "load and unload
device drivers" will largely stop them. Windows Vista already provides a
protection feature that prevents this by default. Other malware uses
administrator-level capabilities to perform its malicious actions. It is wise to
limit what a rogue program can do by limiting the privileges of the user it runs
as; this is accomplished by depriving normal users of administrator rights.
- Deploy corporate anti-spyware scanning: As spyware is becoming a prevalent
threat to corporate businesses, administrators need to deploy specific software
to detect and stop it.
- Support user-awareness campaigns: Most of the attacks used by malware nowadays
try to fool the user. This is called social engineering, and it is especially
important to take it into account, as it plays a part in almost every infection.
Most of the malware detected in 2006 would not have done any damage had the user
not clicked on it. We can minimize the effect of malware in our networks by
showing users how attackers try to fool them. We must teach users basic security
measures and how to react to typical attack scenarios; this goes a long way
towards preventing internal outbreaks in the company. It is also important to
keep users up to date with new attack strategies, and to bring new users up to
speed with company security policies and recommendations.
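As an added example (not code from the report), the following PowerShell script audits the "load and unload device drivers" right from the privilege-restriction item above: it exports the local security policy with secedit and lists every principal holding SeLoadDriverPrivilege, flagging anything beyond the built-in Administrators group for review. It assumes a Windows host and an elevated session.

```powershell
# Added example: audit who holds the "Load and unload device drivers" user right
# (SeLoadDriverPrivilege) on the local machine. Requires an elevated session,
# because secedit needs administrator rights to export the policy.
$exportPath = Join-Path $env:TEMP 'secpol-export.inf'
secedit /export /cfg $exportPath /areas USER_RIGHTS | Out-Null

# The export is an INI file; its [Privilege Rights] section lists each right
# followed by the SIDs (prefixed with '*') or account names that hold it.
$line = Get-Content $exportPath | Where-Object { $_ -match '^SeLoadDriverPrivilege\s*=' }
Remove-Item $exportPath -Force

if (-not $line) {
    Write-Output 'SeLoadDriverPrivilege is not assigned to any principal.'
    return
}

# Built-in Administrators (S-1-5-32-544) is the only group expected to keep this
# right; any other holder is reported for review (assumed baseline for this example).
$allowed = @('S-1-5-32-544')
$holders = ($line -split '=', 2)[1] -split ','

foreach ($entry in $holders) {
    $entry = $entry.Trim()
    $sid   = $entry.TrimStart('*')
    try {
        $name = (New-Object System.Security.Principal.SecurityIdentifier($sid)).
                    Translate([System.Security.Principal.NTAccount]).Value
    } catch {
        # Entry was stored as a literal account name, or the SID cannot be resolved
        $name = $entry
    }
    $status = if ($allowed -contains $sid) { 'expected' } else { 'REVIEW' }
    Write-Output ('{0,-8} {1}  ({2})' -f $status, $name, $sid)
}
```

Run it across a sample of workstations; every line marked REVIEW is a principal that could load a kernel driver and should be removed from the right via Group Policy unless there is a documented need.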