Stop Drive-By-Downloads

by | Apr/4/2012

It is time to review your anti-spam filters and your web-filters to ensure you are adequately protected against targeted email attacks as well as drive-by-download attacks. The latter attacks happen when one of your users visits an infected site. The settings your IT department configured in 2011 probably need to be reconfigured to repel new attacks.

When I perform IT audits, IT Professionals, more often than not, express frustration that the anti-spam and/or web protection is inadequate. Either you don’t have the proper tools, or usually you already have the tools but tied IT’s hands. Ask IT to make reconfiguring and/or activating these tools a priority.

Good anti-spam solutions block unwanted email, allow email you are interested in receiving, and even attempts to block viruses arriving via email. One of the biggest signs of a good service, in addition to working properly, is that the service saves your workers and your IT team time by not needing to babysit the anti-spam solution.

Eliminate specific E-mail attachments since they may contain malicious code. This infection vector is a significant source of infections that lead to attackers gaining control over major assets in your network.

It is important for security and productivity to implement a solution to block Internet access to inappropriate sites. While most everyone in an organization can quickly agree on blocking certain sites because the inappropriate content could endanger the organization. For other categories of web sites, there may be more than one point of view.

Consider, at least initially, only blocking the sites that everyone can agree need to be blocked. Simply activating the blocking tool will usually help reduce drive-by-downloads at some sites.

Many firewalls support web filtering although many firewalls do not provide reporting features with enough detail. If your solution is inadequate, then upgrade the firewall or add a tool that will provide this functionality.

Please post your comments on this blog.