Anti-virus software alone will not keep your system secure.
In the past, I've talked about protecting your IBM server and environment from malicious code threats. While on the surface this involves guarding against viruses, anti-virus software alone cannot meet all needs. You really need a layered approach.
Key threats that we must guard against include viruses, port-scanning worms, patched programs, hackers from outside, and nefarious insiders. Addressing these requires anti-virus software, network security/access control solutions, and physical security.
The layers of a more complete security policy are as follows:
1. The Firewall
2. User IDs and Passwords
3. Access Control
4. Scanning on All Systems
5. The Safety Net
Within these, you may implement more-detailed mechanisms, but as a framework, these five layers can provide strong top-to-bottom protection. How do these layers factor into security, and how can you implement them?
Layer 1: The Firewall
Firewalls have long been an important security element, and you probably have a well-developed firewall in place. But while firewalls provide important protection, there's a common misconception that they create an impenetrable wall around the computing environment. A firewall will keep out casual intruders and provide protection against unwanted incoming traffic. It will not, however, prevent viruses, malicious code, or hacks from entering the environment via email, portable devices, secured connections, or insiders. Firewalls also will not prevent Internet downloads, which could introduce malicious code to the system. For that, additional layers are required.
Layer 2: User IDs and Passwords
Strong user IDs and passwords are the next layer of defense. If a hacker, a virus, or malicious code gains access to the system despite the firewall, these access controls can eliminate a large percentage of the risk facing the system. A recent incident in which stolen Windows Live Hotmail user names and passwords were posted to the Web site PasteBin revealed the overwhelming use of weak password by users. Crafting strong passwords and making sure company staff use them and protect them is critical to maintaining solid security.
Layer 3: Access Control
User IDs and passwords can be compromised, so for those who manage to get past that protective layer, user-level data access control is critical. PowerTech Network Security provides the tools to control which files and folders a user can access, thereby reducing the chance that someone who compromises a user ID and password will gain access to the company's sensitive and critical data. This layer also provides protection against threats originating from employees.
Layer 4: Scanning on All Systems
If a virus or malicious code makes it through the upper layers of your security, it's critical to quickly detect and eradicate it. Simply cleaning it when it appears on client PCs isn't enough. Because the virus could be living on your IBM server, such appearances could be merely symptoms of infection—not the source of the actual infection itself. Bytware's StandGuard Anti-Virus protects your server natively. You can use this tool to supplement the protection you have on your Windows PCs by scanning and cleaning the source of repeated infection rather than just treating the symptoms. StandGuard Anti-Virus protects IBM i (i5/OS and OS/400), AIX, and Linux. Leaving any area unprotected can be counterproductive to the implementation of your other layers and could potentially defeat the overall goal of your security policy.
Layer 5: The Safety Net
Despite your best efforts, security breaches will occur. With a solid, layered approach, these breaches should be limited; nevertheless, you must have a recovery plan. Daily backups are key, and supplemental software that catches deleted files throughout the day provides a safety net that will allow you to recover deleted data. This layer should also include an auditing process that examines the system and maintains a log that can pinpoint the causes and results of a breach to help prevent similar future occurrences. Help/Systems Robot/SAVE provides you with automatic backup and recovery, Bytware's StandGuard Recycle Bin provides constant protection against file deletion, and a PowerTech Compliance Assessment (a free service) can help you identify weaknesses and address them before a compliance audit takes place.
A multifaceted, layered approach to security will help you make your system safer and your company a shining example of modern IT security. Get the ball rolling with a free PowerTech Compliance Assessment. Then, learn more about the solutions mentioned in this tip and try them for free: PowerTech Network Security, Bytware StandGuard Anti-Virus, Help/Systems Robot/SAVE, and Bytware StandGuard Recycle Bin.