Keep unwanted email out of your system
While nasty websites and the occasional errant thumb drive might be to blame for many malware intrusions, the real threat within organizations comes from email.
Malware delivered by email typically arrives in the form of a compressed file attachment such as .ZIP or .RAR. These files are actually disguised executable files, and the moment you open them, you unleash the virus.
"They are getting cleverer these days, though," comments Chan with a wry smile. "Sometimes, the ZIP file itself is legit, but it contains an .EXE file disguised by Excel or Word icon. And if the Word or Excel document is legit, it contains an embedded .EXE as an object within the document. Double-click on any of those things, are you surrender your computer."
But while keeping your organisation's anti-virus solutions up-to-date might seem to be the only way to beat email-delivered malware, Chan believes that organisations can go a step further to beat the threat.
"Initiate a 'no ZIP/RAR attachments allowed' policy within your Junk E-Mail Filters, and then make an exception for one email address handled by your IT department," says Chan. "If someone does need to send such a file over to an employee, they can send it there. The IT department can then forward it to the user after verifying it."