Cyber security: Malware protection
Protecting against a broad range of malware (including computer viruses, worms, spyware, botnet software and ransomware) and including options for virus removal will protect your computer, your privacy and your important documents from attack.
Why is malware protection important?
Malware is a significant problem. Research by SentinelOne and Vanson Bourne found that 40% of UK organisations fell victim to an average of five ransomware attacks in 2017.
Malicious programs can be delivered physically to a system through a USB drive or other means, or via the Internet through drive-by downloads, which automatically download malicious programs to users’ systems. Malicious websites and phishing – scam emails disguised as legitimate messages that contain malicious links or attachments – are two common delivery methods. More sophisticated malware attacks often feature the use of a command-and-control server that allows attackers to communicate with the infected systems, exfiltrate sensitive data and remotely control the compromised device or server.
An attack can be incredibly damaging, so it is important to protect your system, your privacy and your sensitive documents.
How to protect yourself
The UK government’s Cyber Essentials Scheme provides a set of five controls that organisations can implement to achieve a baseline of cyber security, against which they can achieve certification in order to prove their compliance.
Certification to the scheme provides numerous benefits, including reduced insurance premiums, improved investor and customer confidence, and the ability to tender for business where certification to the scheme is a prerequisite.
New to the Cyber Essentials scheme? Find out more >>
One of the scheme’s five controls is Malware Protection. This can help restrict the execution of known malware and untrusted software and prevent harmful code from causing damage or accessing sensitive data.
To minimise the risk of malware, your organisation should adopt at least one of the following approaches:
- Keep software up to date, with signature files updated at least daily.
- Configure software to scan files automatically upon access. This includes when files are downloaded and opened, and when they are accessed from a network folder.
- Ensure software scans web pages automatically when they are accessed through a web browser.
- Ensure software prevents connections to malicious websites.
Only allow approved applications to be executed on devices. Ensure that your organisation actively approves such applications before deploying them to devices, and maintain an up-to-date list of approved applications.
Ensure that all code of unknown origin is run within a ‘sandbox’ that prevents access to other resources unless the user explicitly grants permission.
View another Cyber Essentials control:
Solutions for Cyber Essentials certification
With IT Governance, you can complete the entire certification process quickly and easily using our online portal for as little as £300.
Buy now >>
Speak to an expert
Please contact our team for advice and guidance on our Cyber Essentials products and services.