“Are we really protecting users and companies?” That’s the question McAfee recently asked the security industry in its second-quarter threat report—and it’s a fair and relevant question given the flood of malware, hacking incidents, and spam that has hit everyone from major corporations to small developer shops to individuals. READ MORE
Desperate times lead to desperate acts, including theft of valuable intellectual property. Protecting this information is challenging, but not impossible. Companies can prevent losses with the right combination of technology and detailed policies and procedures. For companies struggling to weather today’s economic storm, the operative word is “downsizing.” Although layoffs generate cost savings, they also put companies at risk as vital information can walk out the door with frustrated employees. To insulate businesses from potentially massive losses, company officials must work closely with their IT and security resources to implement effective controls and fortify hiring and exiting procedures. The costly reality Consider some findings from a recent study conducted by computer security firm McAfee, Inc., which surveyed 800 companies worldwide. In the report titled Unsecured Economies: Protecting Vital Information, companies reported average losses of $4.6 million in intellectual property in 2008. What did they cite as the major cause? Their own employees. When you combine today’s layoff-laden climate with the relative ease of transmitting information, the result is a virtual invitation to steal. Individuals motivated by fear of an uncertain future have easy access to flash drives, e-mail, and other back door avenues that enable them to penetrate vital areas to take, sell, or change intellectual property. Imagine, for example, that a company has employed a mathematician for several years. The employee brought a unique outlook to the firm and made some significant contributions. But when the time comes to let that employee go, he feels resentment and a sense of ownership in the work he has done. He may then decide to “punish” the company by taking his work with him, despite the fact that he was paid a fair salary for his contributions. Go back to basics The first step in remedying situations like these is to return to the beginning — revisiting your hiring policies. From day one, the rules must be spelled out so employees clearly understand their obligations about protecting intellectual property and the ramifications involved. Although it may be time-consuming, it is well worth the effort to make sure these policies are in place. An often overlooked option is in a well-formed employment agreement. If you don’t have one and do not have general counsel to help create one, seek advice from a law firm. It is also important to understand each employee’s roles and responsibilities. Think through what you will allow people to do and set up their security passwords and system rights accordingly. Those rights should be individually based as well as role-based, taking system integrity and support into consideration. Also consider increasing separation of duties of individuals who work on various applications and technologies. For example, you may hire a great developer, but that person would not need access to the company’s financials unless they are specifically working on them. The key is being precise — the more open the policies, the wider the employee access. Exit with care Just as you developed careful hiring procedures and policies, create a detailed checklist of exit procedures that are unique to your company. When layoffs occur, implement this checklist very quickly, particularly if employees had access to vital information. As you refine your exiting policies, consider how your layoff procedures will affect your culture and the level of trust between management and employees. A particularly hard clamp-down before an employee departure may be good business, but it may also be perceived negatively by employees. When trust is compromised, people may react negatively, e-mailing or downloading files well in advance. Employ the right tools Beyond a physical check of materials carried by departing employees, a variety of technological tools are available to prevent and detect data theft. First, make sure your firewalls are up to speed. Immediately shut off a separated employee’s passwords and all other access points they have been granted. Also shut off the individual’s internal connections and company email. When checking computers and e-mail, review where the employee sent files in the days preceding and following their departure. Consider how the separation occurred; there is a greater chance of information being transmitted if the employee was given several days warning. Pay special attention to e-mail sent with attachments and utilize tracking software to look for unusual activity, particularly files that have been downloaded to external drives. Losing employees has never been easy, but it is an increasingly common aspect of daily business. Compared with the cost of losing valuable information, the cost of setting up good policies, procedures and checklists is relatively small. Precise implementation of controls and tools can mean the difference between a sad departure and a serious hit to your bottom line. Mike Gorsage is a Partner and Technology Practice Leader for Tatum LLC. Tatum is the nation’s largest executive services firm, providing financial and technology leadership nationwide.
Note: This is the first in a series of technology updates by former Inc. senior writer Anne Stuart. Future columns will explore topics such as “spam,” videoconferencing, cell phone messaging, and smart business use of online auctions. Slammer. Klez. Bugbear. Bubbleboy. Lirva. Those sound like names for characters in kids’ cartoons, but they’re neither funny nor harmless. They’re computer viruses. And they’re increasingly common. Over the past decade, virus-writers worldwide have created and released about 80,000 viruses, worms, Trojan horses and other “malware” programs, according to Graham Cluley, senior technology consultant for antivirus software vendor Sophos Inc. (www.sophos.com) And about 600 to 800 new variations crop up every month, although, typically, only a few cause widespread or serious headaches. What exactly is a virus? It’s tiny, malicious software program designed purely to disrupt or damage computers. What exactly do viruses do? Some simply display odd messages or images. Many — including the famous Melissa virus — perpetuate themselves by sending infected messages to everyone in a user’s e-mail address book. Others gobble memory or storage space, making systems sluggish. Some corrupt files — for instance, changing spreadsheets or chewing up text documents — or erase them entirely. Some alter Web pages. Some reformat hard drives, block user access, or cause systems to freeze. A few disable security measures or open secret “holes” into computer networks, providing hackers with easy access. Like their biological counterparts, computer viruses can spread fast, attack systems silently, and cause a great deal of pain. In January 2003, the SQL Slammer worm circled the globe in less than an hour, infecting 75,000 computers in 10 minutes. Slammer, which paralyzed computers running Microsoft SQL Server 2000, temporarily shut down South Korea’s telephone system, knocked out thousands of Bank of America automatic-teller machines, and slowed credit-card transactions worldwide. How much financial damage can viruses cause? It’s tough to find reliable numbers about the costs of virus attacks because some effects — for instance, decreased productivity and unrealized business opportunity — are tough to quantify. In addition, many companies simply won’t share information about security-related losses. Following are several ways you can prevent or minimize the impact of virus attacks in your business: Install antivirus software on every computer. That includes laptops and PCs in remote offices. Encourage employees to use antivirus programs at home as well, especially if they use their own computers to connect to your network. In addition, consider protecting e-mail gateways with software that automatically blocks all incoming messages carrying executable code — but keep in mind that those filters may also capture legitimate business communications with harmless attachments as well. Keep antivirus programs current. With new viruses popping up regularly, it’s critical to make sure you’ve got the latest protection. Most leading solutions can be set to periodically update themselves online; you can also do the job manually to respond to new threats. Launch a company-wide prevention campaign. State-of-the-art security measures won’t protect your company unless everyone uses them. A single employee can unintentionally infect the entire network by opening a booby-trapped e-mail attachment or installing contaminated software. Make sure everybody knows and follows these basic virus-prevention procedures: Always delete junk e-mail messages — ads, jokes, chain letters — without opening them. More than 85 % of viruses infect businesses via e-mail, according to the International Computer Security Association’s (www.icsa.net) annual Virus Prevalence Survey released in March 2003. Never open e-mail attachments from strangers. And even those from people you know should be scanned with software that might spot viruses forwarded unintentionally. Be selective about downloading and installing software. Know the source and scan the files before running any new program. Get knowledgeable about pranks and hoaxes. Phony virus alerts waste almost as much time as the real thing. When you get a forwarded e-mail message breathlessly proclaiming some new threat, check it out at Vmyths (www.vmyths.com) or on other virus information sites before responding. Regularly update Microsoft products. Many viruses attempt to exploit vulnerabilities in Windows, Outlook, Internet Explorer, and other products by the giant software empire. Microsoft’s security page (www.microsoft.com/security/) provides alerts, “patches,” and advice for both home and business users. Back up. Back up. Back up. At work, store files on both PC and network hard drives. At home and on the road, copy important files to CDs or floppies. Begin backing up entire systems nightly or weekly, perhaps storing an extra copy of critical information offsite. Look into Web-based storage services such as Connected Corp. (www.connected.com), Easyspace’s Easyarchive (www.easyspace.com/services/easyarchive.html), and Elephant Backup (www.elephantbackup.com). The computer-virus universe changes constantly, with, according to some estimates, about 20 new viruses surfacing every day. You can’t vaccinate your computers against all of them. But with vigilance and commonsense caution, you can strengthen your company’s electronic immune system, making it much more likely to survive an attack. Glossary Antivirus Program: Software that detects and removes viruses from computer hard drives. Such programs must be updated regularly to add profiles for the thousands of new viruses that appear every year; updating can often be handled quickly online. Trojan (or Trojan Horse): A malicious program in disguise, named for the giant wooden gift horse the Greeks used to conquer their Trojan enemies. Trojans appear benign, entertaining, or even useful, but actually conceal viruses that can harm systems. Backdoor.BO (also called Back Orifice) is among the best-known examples. Virus: A malicious software program used to deliberately infect a computer system. Typically, viruses are concealed in existing programs and activated when those programs are executed. Viruses often cause damage by replicating themselves, causing systems to crash, or by attacking or attaching themselves to other programs. Stealth viruses remain hidden or change themselves after executing so that they can’t be detected. Well-known viruses include Melissa and Bubbleboy. Worm: A type of virus that replicates itself and gobbles up computer memory but cannot attach itself to other programs. Well-known worms include Klez.H, LoveLetter (sometimes called “IloveYou”), Bugbear, and Lovgate. Further Reading The following books, all available from Amazon (www.amazon.com) and other booksellers, offer generally easy-to-understand information about computer viruses: Securing the Network from Malicious Code: A Complete Guide to Defending Against Viruses, Worms, and Trojans, by Douglas Schweitzer (John Wiley & Sons, 2002). Offers sound, practical, comprehensive advice from a security expert. Updates provided on a companion Web site. Malicious Mobile Code: Virus Protection for Windows, by Roger A. Grimes (O’Reilly & Associates, 2001). Focuses on defensive strategies. Viruses Revealed, by David Harley, Robert Slade, and Urs E. Gattiker (McGraw-Hill/ Osborne Media, 2001). Explains what viruses are, how they work, where they come from, how to prevent them, and how to deal with them. Includes case studies. Also available as a downloadable, searchable e-book. Resources The following Web sites provide comprehensive information about viruses, worms, and similar threats: About.com Antivirus Software Guide antivirus.about.com/index.htm?terms=computer+virus News, glossary, encyclopedia of hoaxes, links to vendors and other resources. CERT Coordination Center, Carnegie Mellon University www.cert.org/ A wealth of information on all aspects of computer security at work and at home. CNET Virus Alert Center www.cnet.com/software/0-7760531-8-6319437-1.html News on current threats, advice on PC protection, links to free resources, and antivirus software vendors. Computer Security Institute www.gocsi.com Major membership organization for technology-security professionals; Web site contains articles, reports, and links to additional resources about viruses and other security issues. International Computer Security Association (ICSA) Labs www.icsa.net Independent arm of security vendor TruSecure Corp. (www.trusecure.com) offers “vendor-agnostic” testing and research. Web site contains constantly updated virus alerts, white papers, studies, an annual Virus Prevalence Survey, and more. National Institutes of Standards and TechnologyComputer Security Resource Center Virus Page csrc.nist.gov/virus/ Information, links to other resources and antivirus software vendors. Sophos Inc. www.sophos.com/safecomputing Safe-computing advice for both network administrators and individual users. Virus Bulletin www.virusbtn.com Independent antivirus advice, news, profiles, and resources. Vmyths http://www.vmyths.com Supersite for information on virus myths and hoaxes. Vendors Following is a sampling of major antivirus software vendors whose offerings include products, services, and information targeted to small and growing companies: Command Software Systems Inc. www.commandsoftware.com Founded 1984; now part of Authentium Inc. Offers antivirus software for home users, large companies, and small businesses. Web site’s Virus Center includes news, alerts, a glossary, research, e-mail newsletters, and other information. Computer Associates International Inc. www.ca.com Founded 1976. Offers antivirus software for businesses. Web site’s Virus Information Center contains alerts, encyclopedia, and an extensive glossary. McAfee Security www.mcafee.com/ Founded 1989. Offers antivirus and security solutions for home users, large companies, and small and growing businesses. Network Associates Inc., McAfee’s parent company, provides free virus alerts, updates, update on hoaxes, and other information. Panda Software Inc. www.pandasoftware.com Founded 1990. Offers antivirus software for home users, large companies, and small and growing businesses. Web site includes Virus Information Center with virus encyclopedia (including “Top 5″ current threats), hoax updates, tips, and other resources. Sophos Inc. www.sophos.com Founded 1986. Offers antivirus software for companies of all sizes. Web site includes a rich collection of analyses, articles, updates on hoaxes, and alerts, including monthly “Top 10″ virus list. Symantec Corp. www.symantec.com Founded 1982. Offers firewalls, antivirus software, and other security solutions for home users, large companies, and small and growing businesses. Web site provides free virus alerts, library of virus information. Customers can download anti-virus updates from home page. Provides updates on hoaxes. Trend Micro Inc. www.trendmicro.com Founded 1988. Offers network antivirus software and other security products and services. Web site includes virus advisories, encyclopedia, prevention tips, and additional information. Also offers a free online cost-analysis calculator for determining potential financial impact of virus attacks. Send feedback, column ideas, and tech tips to annestuartinc@yahoo.com.
Note: This is the first in a series of technology updates by former Inc. senior writer Anne Stuart. Future columns will explore topics such as “spam,” videoconferencing, cell phone messaging, and smart business use of online auctions. Slammer. Klez. Bugbear. Bubbleboy. Lirva. Those sound like names for characters in kids’ cartoons, but they’re neither funny nor harmless. They’re computer viruses. And they’re increasingly common. Over the past decade, virus-writers worldwide have created and released about 80,000 viruses, worms, Trojan horses and other “malware” programs, according to Graham Cluley, senior technology consultant for antivirus software vendor Sophos Inc. (www.sophos.com) And about 600 to 800 new variations crop up every month, although, typically, only a few cause widespread or serious headaches. What exactly is a virus? It’s tiny, malicious software program designed purely to disrupt or damage computers. What exactly do viruses do? Some simply display odd messages or images. Many — including the famous Melissa virus — perpetuate themselves by sending infected messages to everyone in a user’s e-mail address book. Others gobble memory or storage space, making systems sluggish. Some corrupt files — for instance, changing spreadsheets or chewing up text documents — or erase them entirely. Some alter Web pages. Some reformat hard drives, block user access, or cause systems to freeze. A few disable security measures or open secret “holes” into computer networks, providing hackers with easy access. Like their biological counterparts, computer viruses can spread fast, attack systems silently, and cause a great deal of pain. In January 2003, the SQL Slammer worm circled the globe in less than an hour, infecting 75,000 computers in 10 minutes. Slammer, which paralyzed computers running Microsoft SQL Server 2000, temporarily shut down South Korea’s telephone system, knocked out thousands of Bank of America automatic-teller machines, and slowed credit-card transactions worldwide. How much financial damage can viruses cause? It’s tough to find reliable numbers about the costs of virus attacks because some effects — for instance, decreased productivity and unrealized business opportunity — are tough to quantify. In addition, many companies simply won’t share information about security-related losses. Following are several ways you can prevent or minimize the impact of virus attacks in your business: Install antivirus software on every computer. That includes laptops and PCs in remote offices. Encourage employees to use antivirus programs at home as well, especially if they use their own computers to connect to your network. In addition, consider protecting e-mail gateways with software that automatically blocks all incoming messages carrying executable code — but keep in mind that those filters may also capture legitimate business communications with harmless attachments as well. Keep antivirus programs current. With new viruses popping up regularly, it’s critical to make sure you’ve got the latest protection. Most leading solutions can be set to periodically update themselves online; you can also do the job manually to respond to new threats. Launch a company-wide prevention campaign. State-of-the-art security measures won’t protect your company unless everyone uses them. A single employee can unintentionally infect the entire network by opening a booby-trapped e-mail attachment or installing contaminated software. Make sure everybody knows and follows these basic virus-prevention procedures: Always delete junk e-mail messages — ads, jokes, chain letters — without opening them. More than 85 % of viruses infect businesses via e-mail, according to the International Computer Security Association’s (www.icsa.net) annual Virus Prevalence Survey released in March 2003. Never open e-mail attachments from strangers. And even those from people you know should be scanned with software that might spot viruses forwarded unintentionally. Be selective about downloading and installing software. Know the source and scan the files before running any new program. Get knowledgeable about pranks and hoaxes. Phony virus alerts waste almost as much time as the real thing. When you get a forwarded e-mail message breathlessly proclaiming some new threat, check it out at Vmyths (www.vmyths.com) or on other virus information sites before responding. Regularly update Microsoft products. Many viruses attempt to exploit vulnerabilities in Windows, Outlook, Internet Explorer, and other products by the giant software empire. Microsoft’s security page (www.microsoft.com/security/) provides alerts, “patches,” and advice for both home and business users. Back up. Back up. Back up. At work, store files on both PC and network hard drives. At home and on the road, copy important files to CDs or floppies. Begin backing up entire systems nightly or weekly, perhaps storing an extra copy of critical information offsite. Look into Web-based storage services such as Connected Corp. (www.connected.com), Easyspace’s Easyarchive (www.easyspace.com/services/easyarchive.html), and Elephant Backup (www.elephantbackup.com). The computer-virus universe changes constantly, with, according to some estimates, about 20 new viruses surfacing every day. You can’t vaccinate your computers against all of them. But with vigilance and commonsense caution, you can strengthen your company’s electronic immune system, making it much more likely to survive an attack. Glossary Antivirus Program: Software that detects and removes viruses from computer hard drives. Such programs must be updated regularly to add profiles for the thousands of new viruses that appear every year; updating can often be handled quickly online. Trojan (or Trojan Horse): A malicious program in disguise, named for the giant wooden gift horse the Greeks used to conquer their Trojan enemies. Trojans appear benign, entertaining, or even useful, but actually conceal viruses that can harm systems. Backdoor.BO (also called Back Orifice) is among the best-known examples. Virus: A malicious software program used to deliberately infect a computer system. Typically, viruses are concealed in existing programs and activated when those programs are executed. Viruses often cause damage by replicating themselves, causing systems to crash, or by attacking or attaching themselves to other programs. Stealth viruses remain hidden or change themselves after executing so that they can’t be detected. Well-known viruses include Melissa and Bubbleboy. Worm: A type of virus that replicates itself and gobbles up computer memory but cannot attach itself to other programs. Well-known worms include Klez.H, LoveLetter (sometimes called “IloveYou”), Bugbear, and Lovgate. Further Reading The following books, all available from Amazon (www.amazon.com) and other booksellers, offer generally easy-to-understand information about computer viruses: Securing the Network from Malicious Code: A Complete Guide to Defending Against Viruses, Worms, and Trojans, by Douglas Schweitzer (John Wiley & Sons, 2002). Offers sound, practical, comprehensive advice from a security expert. Updates provided on a companion Web site. Malicious Mobile Code: Virus Protection for Windows, by Roger A. Grimes (O’Reilly & Associates, 2001). Focuses on defensive strategies. Viruses Revealed, by David Harley, Robert Slade, and Urs E. Gattiker (McGraw-Hill/ Osborne Media, 2001). Explains what viruses are, how they work, where they come from, how to prevent them, and how to deal with them. Includes case studies. Also available as a downloadable, searchable e-book. Resources The following Web sites provide comprehensive information about viruses, worms, and similar threats: About.com Antivirus Software Guide antivirus.about.com/index.htm?terms=computer+virus News, glossary, encyclopedia of hoaxes, links to vendors and other resources. CERT Coordination Center, Carnegie Mellon University www.cert.org/ A wealth of information on all aspects of computer security at work and at home. CNET Virus Alert Center www.cnet.com/software/0-7760531-8-6319437-1.html News on current threats, advice on PC protection, links to free resources, and antivirus software vendors. Computer Security Institute www.gocsi.com Major membership organization for technology-security professionals; Web site contains articles, reports, and links to additional resources about viruses and other security issues. International Computer Security Association (ICSA) Labs www.icsa.net Independent arm of security vendor TruSecure Corp. (www.trusecure.com) offers “vendor-agnostic” testing and research. Web site contains constantly updated virus alerts, white papers, studies, an annual Virus Prevalence Survey, and more. National Institutes of Standards and TechnologyComputer Security Resource Center Virus Page csrc.nist.gov/virus/ Information, links to other resources and antivirus software vendors. Sophos Inc. www.sophos.com/safecomputing Safe-computing advice for both network administrators and individual users. Virus Bulletin www.virusbtn.com Independent antivirus advice, news, profiles, and resources. Vmyths http://www.vmyths.com Supersite for information on virus myths and hoaxes. Vendors Following is a sampling of major antivirus software vendors whose offerings include products, services, and information targeted to small and growing companies: Command Software Systems Inc. www.commandsoftware.com Founded 1984; now part of Authentium Inc. Offers antivirus software for home users, large companies, and small businesses. Web site’s Virus Center includes news, alerts, a glossary, research, e-mail newsletters, and other information. Computer Associates International Inc. www.ca.com Founded 1976. Offers antivirus software for businesses. Web site’s Virus Information Center contains alerts, encyclopedia, and an extensive glossary. McAfee Security www.mcafee.com/ Founded 1989. Offers antivirus and security solutions for home users, large companies, and small and growing businesses. Network Associates Inc., McAfee’s parent company, provides free virus alerts, updates, update on hoaxes, and other information. Panda Software Inc. www.pandasoftware.com Founded 1990. Offers antivirus software for home users, large companies, and small and growing businesses. Web site includes Virus Information Center with virus encyclopedia (including “Top 5″ current threats), hoax updates, tips, and other resources. Sophos Inc. www.sophos.com Founded 1986. Offers antivirus software for companies of all sizes. Web site includes a rich collection of analyses, articles, updates on hoaxes, and alerts, including monthly “Top 10″ virus list. Symantec Corp. www.symantec.com Founded 1982. Offers firewalls, antivirus software, and other security solutions for home users, large companies, and small and growing businesses. Web site provides free virus alerts, library of virus information. Customers can download anti-virus updates from home page. Provides updates on hoaxes. Trend Micro Inc. www.trendmicro.com Founded 1988. Offers network antivirus software and other security products and services. Web site includes virus advisories, encyclopedia, prevention tips, and additional information. Also offers a free online cost-analysis calculator for determining potential financial impact of virus attacks. Send feedback, column ideas, and tech tips to annestuartinc@yahoo.com.
