Isolating infections to protect IT systems

With threats to the corporate network on the increase, security is one of the biggest service disrupters facing systems administrators and network managers. IT managers frequently experience concerns regarding security levels, such as those around implementing the correct patch or installing the best firewall technology to protect users back in the office from viruses.

With threats to the corporate network on the increase, security is one of the biggest service disrupters facing systems administrators and network managers. IT managers frequently experience concerns regarding security levels, such as those around implementing the correct patch or installing the best firewall technology to protect users back in the office from viruses.

Mobile working is on the increase so protecting the remote workforce should be a top priority for IT departments.

Protecting a network from remote workers, whose laptops may be infected with viruses, is often an afterthought for many IT departments, meaning that by the time it is addressed, the damage is often already done. I strongly urge companies to take the necessary measures to prevent contaminated PCs from connecting to the network by adding an extra layer of security, namely, quarantine technology.

A common threat and one that is often overlooked by IT managers is users who dial into a network from outside the office security perimeter. More often than not these users are not attached to the network and will not receive the correct patch or virus updates until they physically connect to the network.

Even though protective policies are constantly reiterated to remote workers, it seems many will continue to open attachments they find tempting and pick up unwanted viruses as a result. Some viruses even lie dormant on the user's PC, with most workers not realising they have infected their PC until they connect to the system and corrupt the entire network, at which point it is of course too late.

Scenarios like this can, however, be prevented by implementing quarantine technology. Once deployed, quarantine technology will alert IT administrators to those users who have contracted a new virus and do not have the correct protection in place. When any user connects to the network, the technology ensures it has the latest operating system patches and virus updates before the user is allowed full access.

If the network discovers that a PC is not compliant it will quarantine it away from the rest of the network. The isolation of non-compliant machines prevents infected files from affecting the rest of the PC and the network.

If a file cannot be disinfected it  is then provided with a safe house until the virus database is updated accordingly, neutralising the impact of any new virus. The technology will not allow access to the file until it has been provided with the necessary virus or patch updates.

Co-ordination and communication between the IT security and operations groups is vital in the fight against viruses. Without this, IT departments will find it impossible to completely eliminate vulnerabilities on the desktop, server and network.

By embracing new self-healing technologies such as quarantining, IT departments will possess a powerful tool that will enable them to regain some control in the ongoing struggle against hackers and viruses.

Paul Butler is principal consultant at Altiris

Read more on Network software

Start the conversation

Send me notifications when other members comment.

Please create a username to comment.

-ADS BY GOOGLE

SearchCIO

SearchSecurity

SearchNetworking

SearchDataCenter

SearchDataManagement

Close