How to Protect Your Data from Malware

Internet users are no longer so naive as to open files that come from unknown senders and with the promise of revealing celebrities in compromising situations. However, they still open emails that seem to have been sent by their bosses or business partners, without taking any precaution or verifying who really is behind the "No work tomorrow for all the employees" message.

In order to prevent their data from being hijacked, users are advised by the SANS Institute to enable the Principle of Least Privilege, which allows every module to access only the information and resources that are necessary for its functioning. "We tend to operate desktops under the principle of most privilege. How many of you allow your users administrator rights in the workplace? At home, everyone has local administrator. This allows the ‘bad guys’ free reign." says John Bambenek of the SANS Institute.

A common mistake people make is that of considering an anti-virus solution a cure-all tool. Their confidence in it goes to such extents that they don't back it up with other applications, which can really work together with the anti-virus to create a malware shield. SANS also underlines the importance of a firewall, that can enhance the estimated 90% chances of an anti-virus to block an attack – all the more when anti-viruses don't always manage to keep the pace with malware spreaders and that they only remove known threats.

"For instance, the combination of AV protection with a good perimeter firewall brings you a little farther down the road of security. While there is a debate on whitelisting vs. blacklisting technologies for binaries, a good step would be to start digitally signing binaries and go to a ‘bayesian’ method of determining risk. Not perfect, but better." Bambenek advises.

Both end-users and developers have to acknowledge that data, identities and intellectual property are those in need of protection, and not the case that hosts the information, as hardware components are. By acknowledging that their privacy is at stake, people may become more careful when pressing the "next" and "are you sure?" buttons of their anti-virus without reading the text. With all that, the Institute does not hold people responsible. SANS recommends developers to be more careful when alerting users about malware, because they tend to "mash button" the questions and indications, which are often redundant or too difficult to understand.

[Source: softpedia]