X

Thank you for sharing!

Your article was successfully shared with the contacts you provided.
There is clearly nothing sexy about virus defense. I have yet to meet an IT person who gets excited about it. Yet most will admit that it is the one issue that consumes the most time and attention. Fortunately, the science of virus prevention and detection has evolved dramatically over the last few years. New Web-based, “managed” anti-virus services even hold out the promise that IT staff may finally be able to turn their attention to other problems. One of the truly frustrating aspects of virus defense has always been its high overhead. Despite recent system management trends toward “set it, forget it” technologies and “zero administration,” the typical anti-virus regimen continues to keep us hopping. This is compounded by increasingly ubiquitous “anytime, anywhere connectivity” that only adds to the number of virus entry points into your system — e-mail, portable media, Internet gateways, remote clients (such as home PCs), handheld and wireless devices. On top of that, we now must consider the possibility that international terrorists may target corporate information to disable the U.S. economy. So how can a small to midsize firm secure these entry points, keep virus signatures active and current on everyone’s desktop and stay one step ahead of new and insidious viruses, without an inordinate investment in manpower and attention? Here are some possibilities based on recent experience. Most virus security experts recommend a multilayered approach, especially when it comes to e-mail, the number one carrier of malicious data. By scanning incoming messages at multiple points along their way to a recipient’s mailbox, you stand a better chance of detecting viruses. Consider three levels of filtering: 1. Perimeter Defense: Scan inbound messages before they get anywhere near your network. This is called perimeter (or boundary) defense. One option is a Web-based message filtering service such as MailWatch from EasyLink Services Corp. MailWatch uses anti-virus technology to stop e-mail based viruses before they reach your network. It also can be configured to block specific file-type attachments that are used to deliver virus payloads. (A typical list includes exe, bat, com, vbs, js, asp, scr, pif, chm, vbe.) MailWatch is relatively easy to set up and can cost as little as $2.00 per month for each user on your system. A simple message forwarding entry on your DNS server, and all incoming and outgoing e-mail (if you wish to have outbound messages scanned) will pass through the MailWatch system. Through an intuitive Web interface, system administrators can view real-time quarantine and traffic reports, set up customized notifications, release quarantined messages and even define block lists and additional content filtering options. Such a service will represent your network’s first line of defense against virus threats, and the good news is that it requires very little administrative attention. 2. Internal System: Next, scan messages as they move through your internal message system by installing one of the many anti-virus packages designed for e-mail servers and/or SMTP gateways. Most of the well-known virus defense companies such as Symantec Corp., Network Associates Technology Inc. and Trend Micro Inc. have products specifically designed for this purpose. I secure my Microsoft Exchange 2000 server with McAfee Groupshield. Each day, the server automatically goes out and checks for the latest virus signatures and downloads them if necessary. Any messages that MailWatch fails to detect will hopefully be stopped at this point. In more than six months I have had only two viruses infiltrate down to this level. 3. Desktops: Finally, each and every desktop requires some form of virus protection. In addition, any remote access workstations (laptops, home computers) also need to be secured. This is where life gets tricky. Managing virus signature and engine version updates on individual workstations is definitely a hassle. Sure, there are many ways to simplify this, such as scheduled or login script-based updates, but these are generally only effective for local desktops. What about users who connect remotely and/or infrequently, or even work on firm data on their home PCs? A recent survey from the data security industry indicated that more than 70 percent of all home PCs have either no virus protection or outdated versions that are effectively useless against current threats. Enter another Web-based, managed service that addresses these issues. Many of the big players in virus defense offer similar services, but I will mention one from Network Associates called McAfee ASaP. For as little as $60 per PC for a two-year subscription, you can have McAfee protect any PC, local or remote, that integrates with your system. No dealing with local software updates, or worrying about where that file has been before being accessed on the firm’s workstation. Once your account is established, and a small piece of software is downloaded and installed, that computer will check McAfee’s Web site for updates immediately after startup and at regular 24 hour intervals. What I love about this is that it accommodates all PCs, regardless of where they are, and automatically detects and removes any previously installed anti-virus software so that there will be no interoperability problems. To reduce the number of desktops on the local network accessing the Internet, the actual update is downloaded only once to the first PC that accesses the update site. All other desktops then get updates files from that first PC on the local network. System administrators can view a Web-based report indicating, in real time, what workstations have accessed the McAfee site to check for updates. This includes home-based and physically hard-to-reach PCs. The bottom line: With “managed” services, it is someone else who is managing them, not me. There is no software to load, update and support, for the most part, and my time can be better employed educating users in the many safe practices regarding exchanging information with other parties. I have a hunch that most IT people truly feel that this is the weakest link in any virus defense system. Getting attorneys and legal professionals to take suitable and necessary precautions when exchanging data is clearly a challenge. In this area, I feel a certain degree of informed neurosis on the part of users is actually productive. Regularly distributed tips, log-in based reminders and information on just how high the stakes are in this battle can go a long way in helping people to do what no technology can by itself. Wayne E. Smith is manager of information systems at Chester, Willcox & Saxbe in Columbus, Ohio. E-mail: [email protected].

This content has been archived. It is available through our partners, LexisNexis® and Bloomberg Law.

To view this content, please continue to their sites.

Not a Lexis Advance® Subscriber?
Subscribe Now

Not a Bloomberg Law Subscriber?
Subscribe Now

Why am I seeing this?

LexisNexis® and Bloomberg Law are third party online distributors of the broad collection of current and archived versions of ALM's legal news publications. LexisNexis® and Bloomberg Law customers are able to access and use ALM's content, including content from the National Law Journal, The American Lawyer, Legaltech News, The New York Law Journal, and Corporate Counsel, as well as other sources of legal information.

For questions call 1-877-256-2472 or contact us at [email protected]

 
 

ALM Legal Publication Newsletters

Sign Up Today and Never Miss Another Story.

As part of your digital membership, you can sign up for an unlimited number of a wide range of complimentary newsletters. Visit your My Account page to make your selections. Get the timely legal news and critical analysis you cannot afford to miss. Tailored just for you. In your inbox. Every day.

Copyright © 2021 ALM Media Properties, LLC. All Rights Reserved.