Viruses don't do Christmas

Most companies' Internet security protection has a potentially fatal flaw: it relies on the long-suffering IT staff to run updates and install patches. Your staff may be good, they may be hard-working beyond compare, but they're people and they do need a day off now and then. Whatever you may think of virus writers, some of them are very good at picking up on opportunities. They've realised when companies are most vulnerable, and exploited this by carefully timing the release of new viruses and other threats at weekends, overnight, or on public holidays.

For example, the Bagle virus was first spotted in early 2004 on Sunday January 18th, and then rapidly spread globally. Being released at a weekend caught out many companies, and anti-virus vendors scrambled to get updates available on the Monday. The virus's release appeared to be timed to coincide with two public holidays: Martin Luther King Day in the USA (Monday 19th), and Chinese New Year.

While IT staff may not be at work outside office hours, it is common practice for company employees to leave their PCs running continuously so that mail is automatically downloaded. Home users will also have their PCs on, so there are plenty of computers on the Internet to spread the virus while nobody's on duty. So your network is vulnerable before the IT staff have realised there is a problem and can try to catch up. By then, it may be too late.

From our installed base of security appliances, we can track when viruses are reaching our customers. During the week we see an average of around three or four hundred viruses per appliance, and while this does drop to perhaps two hundred per appliance at the weekend, the volume is still significant. There are viruses knocking at the door of your network 365 days a year, Christmas or not. What can the poor overworked IT manager do to deal with this problem?

Realistically, only the biggest companies are able to provide 24x7 IT cover to update virus protection, and even then holidays, staff illness and unforeseen demands can make it difficult to be on top of security at all times. For SMEs, IT cover is inevitably some way short of 24x7. One option is to outsource security, but many companies prefer not to choose this option. When we surveyed UK IT managers earlier in 2004, we found that nearly 70% said that managing security was complex and time-consuming, but only 40% of respondents would consider outsourcing it.

If you're handling security yourself, ensure you pick products and vendors that handle as many of the maintenance chores as possible automatically, without user intervention. Scheduled updates are essential, and some vendors can push the latest anti-virus signatures out to their customers' appliances and software, to ensure their protection is as up-to-date as possible. And, it goes without saying, you should pick a vendor that has a global presence and can provide 24x7 updates.

Finally, there's no substitute for well-educated users. Security threats increasingly rely on social engineering and na