Symantec: Implement These Security Practices

I came across an interesting security piece on Symantec's Web site titled "antivirus software and the illusion of protection." Ever had users who get infected with malware despite having good antivirus software installed? Well, the article draws attention to the common attack vectors that are used by hackers to create security breaches and how this could result in systems being hacked despite the existence of security software.

While there is nothing really new or revolutionary in the security practices suggested by Symantec, they are nevertheless important points that bear reiterating.

1. Systems that are not patched with the latest operating system updates
2. Antivirus software running without the latest definitions
3. Not disabling the Autorun/Autoplay feature
4. Logging in as an Administrator for routine work or unnecessarily
5. Poor or weak password policies in the company

Updating one's operating system with the latest system patches is pretty self-explanatory. As I've constantly emphasized in the past, the current generation of antivirus software depends heavily on the use of virus definitions in order to identify malware. As such, it is imperative that definition updates are always downloaded and installed as soon as possible - attend to any problem in the updating of definitions as soon as possible.

In fact, persistent problems with updating to a new virus definition could well indicate the existence of a malware infestation.

Symantec also recommends that the Autorun feature be disabled so that an infected flash drive does not inadvertently trigger off a malware conflagration on the corporate network. On this, I would like to point out that the Windows 7 operating system already disables the problematic autorun feature on media other than CD/DVD.

Not performing routine work using an Administrator account is pretty intuitive, though the security vendor offers an interesting perspective pertaining to password policies. On forcing users to create passwords of sufficient complexity and also changing them on a regular basis, Symantec writes that:

"While that may be true initially, people get used to it, and yes it may increase the amount of calls to the helpdesk but it also has too many benefits on the security side to list and to be overlooked."