Month: February 2013

Good Grief, Another Virus?

Of all the useless, time-wasting activities that IT spends its life on, removing viruses from corporate systems and networks tops the list. It’s a mind-boggling, grief-stricken task for any IT administrator to go through, especially when the virus is so embedded in the network that sanitising the company is a losing battle. Most IT admins would prefer a lobotomy to going through this thankless task.

We don’t usually clean viruses and worms for our clients, but at times end up doing it. It takes a lot of time, and we usually start by diagnosing the severity and the spread. In some cases we recommend a low-level format of the drive and a fresh reinstall. But most worms now reside on the network, and even if we clean or reinstall a machine, sooner or later it gets sick again. The only way is to do an overall purge, meaning every single desktop needs to be scanned and disinfected.

We’ve been helping out a client on this, and basically, the haphazard sharing of files and such has caused unmitigated disaster in the form of autorun.inf files propagating through the systems via shares, and then auto-loading the payload. One of the mischievous things this virus does is to hide all the files so that we think that everything is deleted.
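As an added example (not part of the original post), one way to sweep share or drive roots for an autorun.inf that launches something and list what it would run. The directory names, file contents and `placeholder.exe` are constructed for the demo.

```python
import os
import re
import tempfile

# Keys in the [autorun] section that cause something to be launched.
LAUNCH_KEY = re.compile(r"^(open|shellexecute|shell\\[^\\=]+\\command)$", re.I)

def launch_targets(text):
    """Return (key, command) pairs from the [autorun] section, skipping junk lines."""
    section, found = None, []
    for raw in text.splitlines():
        line = raw.strip()
        if line.startswith("[") and line.endswith("]"):
            section = line[1:-1].strip().lower()
        elif section == "autorun" and "=" in line and not line.startswith(";"):
            key, value = (part.strip() for part in line.split("=", 1))
            if LAUNCH_KEY.match(key) and value:
                found.append((key.lower(), value))
    return found

def scan_roots(roots):
    """Check the top level of each root for an autorun.inf that launches something."""
    report = {}
    for root in roots:
        for name in os.listdir(root):
            if name.lower() == "autorun.inf":
                path = os.path.join(root, name)
                with open(path, encoding="latin-1") as fh:
                    targets = launch_targets(fh.read())
                if targets:
                    report[path] = targets
    return report

def demo():
    """Build two constructed share roots in a temp directory and scan them."""
    with tempfile.TemporaryDirectory() as tmp:
        clean, dirty = os.path.join(tmp, "clean"), os.path.join(tmp, "dirty")
        os.mkdir(clean)
        os.mkdir(dirty)
        with open(os.path.join(clean, "AUTORUN.INF"), "w") as fh:
            fh.write("[autorun]\nicon=setup.ico\nlabel=Installer\n")  # cosmetic keys only
        with open(os.path.join(dirty, "autorun.inf"), "w") as fh:
            fh.write(";junk\n[AutoRun]\nopen=folder\\placeholder.exe\n"
                     "shell\\open\\command = folder\\placeholder.exe\nqwerty\n")
        found = scan_roots([clean, dirty])
        return {os.path.basename(os.path.dirname(p)): t for p, t in found.items()}

if __name__ == "__main__":
    print(demo())
```

The parser reads line by line instead of using a strict INI parser because files like this often carry junk lines that a strict parser rejects.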

It’s a losing battle. In our previous battles with viruses, we decided to euthanise most of the old laptops that had viruses and buy new sets, reformat and reload our servers. We even moved our office physically, and set fire to our old office, watching all 22 floors go down in a blaze of glory. Of course not. It’s arson. And it’s illegal. But we did move office, because our rent got too high. Landlords are also another form of virus at times, but that’s another story.

Anyway, the term prevention is better than cure applies to viruses in IT terms as well as in health terms. The best way is not to get sick. And here are some practices for companies:

1. Get a good antivirus. Not one of those free AVG or whatever. A paid one. Kaspersky, Norton, we don’t care. Most of them are more or less the same, and work on most viruses.

2. Update your OS. I hate to do it, because Windows releases updates like crazy, but we bought Windows and agreed to be part of the guinea pigs to fix their systems so….

3. Host firewall. Your computer should have a firewall. Get one.

4. IT admins shouldn’t give admin rights to normal users. It’s like giving the keys to Candyland to a kid.

5. Secure your perimeter. This means you are at war. Don’t expose yourself to the internet, and secure all systems that face the internet.

6. Control your DNS. Most viruses infect your DNS, force you to a website, download the payload and execute. In PKF, we firewalled all DNS requests out (even Google ones), except to the approved DNSes we have. So if someone contacts a rogue DNS, it’s blocked.

7. Control your internet access. Most users have no idea that isn’t a site to adopt cute kittens. Kill it. Get a webfilter tool and make sure your policies are pushed out to all desktops/laptops with internet access.

8. Educate your people. People are the weakest link in corporate security. Teach them that they are not supposed to click on strange links in emails, accept any file transfers from Skype, open attachments, or engage with Professor Muzazoagabe from Nigeria who wants to pay them a million Euros, but requires 1000USD to release the funds.

9. Use strong passwords. No, Iloveyou is not a strong password. Neither is 1234, or password123.

10. Document and have policies. Countless companies fail to have proper policies to address issues like this, and users are not governed in how they are supposed to conduct themselves.

11. Monitor! The best prevention is to rabidly monitor your systems and network as well as software on devices. Have a proper asset listing, software management system and patch management system.

12. Finally, and we’re not selling here: Do your IT audits and Penetration testing! It’s like saying I don’t need to go for a health checkup since I’m fine. By the time you are not fine, it’s too late.
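For item 6, the block rule doubles as a detection signal. The sketch below is an added example, not code from the original post: it reads perimeter firewall records and separates DNS flows to unapproved resolvers into allowed ones (a gap in the rule set) and blocked ones (hosts worth inspecting). The approved resolver addresses, the key=value log layout and the sample lines are all constructed assumptions.

```python
import re
from collections import defaultdict

# Assumption: the approved resolver list; these are documentation addresses.
APPROVED_RESOLVERS = {"192.0.2.53", "192.0.2.54"}
DNS_PORTS = {53, 853}  # plain DNS and DNS-over-TLS

# Constructed sample in a generic key=value layout (not a real product format).
SAMPLE_LOG = """\
2013-02-11T09:00:01 action=allow proto=udp src=10.0.1.15 dst=192.0.2.53 dport=53
2013-02-11T09:00:02 action=block proto=udp src=10.0.1.22 dst=203.0.113.9 dport=53
2013-02-11T09:00:03 action=allow proto=tcp src=10.0.1.15 dst=198.51.100.7 dport=443
2013-02-11T09:00:04 action=allow proto=udp src=10.0.1.30 dst=198.51.100.8 dport=53
2013-02-11T09:00:05 action=block proto=tcp src=10.0.1.22 dst=203.0.113.9 dport=53
2013-02-11T09:00:06 action=block proto=udp src=10.0.1.22 dst=8.8.8.8 dport=53
garbage line that does not parse
"""

FIELD = re.compile(r"(\w+)=(\S+)")

def parse(line):
    """Return the key=value fields of one line, or None if it is not a flow record."""
    fields = dict(FIELD.findall(line))
    if not {"action", "src", "dst", "dport"} <= fields.keys():
        return None
    if not fields["dport"].isdigit():
        return None
    return fields

def audit_dns_egress(log_text, approved=APPROVED_RESOLVERS):
    """Split DNS flows to unapproved resolvers into policy gaps and blocked attempts."""
    gaps = []                     # allowed flows that the rule set should have dropped
    blocked = defaultdict(set)    # source host -> unapproved resolvers it tried to reach
    for line in log_text.splitlines():
        f = parse(line)
        if f is None or int(f["dport"]) not in DNS_PORTS or f["dst"] in approved:
            continue
        if f["action"] == "allow":
            gaps.append((f["src"], f["dst"]))
        else:
            blocked[f["src"]].add(f["dst"])
    return gaps, dict(blocked)

if __name__ == "__main__":
    gaps, blocked = audit_dns_egress(SAMPLE_LOG)
    print("policy gaps:", gaps)
    print("hosts hitting the block rule:", blocked)
```

A host that keeps hitting the block rule either has hard-coded resolver settings or is running something that changed them, and both are worth a look.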

Drop us an email if you need more information on how to stay well, or get well!

Quit Calling Me or I will PDPA you!

This might be what, in the near future, we- the hapless victims of thousands of unsolicited phone calls and emails and SMSes- can say to the perpetrators who haunt our dreams with midnight messages and ghostly voicemails.

Here’s the fact:

1) In my SMS inbox, I have three dozen messages from entities I don’t know over the last week. Half of them from politicians wishing me a good year of the Snake. Others from banks. Others from Astro. And I just had one telling me there’s an MACC stand up comedy coming up. What. The.

2) I have received some ridiculously timed phone calls. One came a few days back when Unifi was facing a nationwide outage, and which had all the TM support coming back from their homes to fix it, given that they had a one year downtime policy, with the commitment to give updates to customers every 500 hours of downtime. Yes, I am being sarcastic. Unifi is a good intention and we appreciate it, but there’s still a lot of holes to plug for that service. While halfway through one of the worst Unifi outages in the history of their short existence, I received a chirpy call from a woman identifying herself as a representative of TM. I immediately thanked the gods for such superb initiative from TM: to call me to apologise and to have my Unifi fixed immediately, without me lodging a call (since it was not possible due to Unifi support line also being down). Instead the chirpy woman started to ask me if I wanted to upgrade my Unifi package to better ones. I asked her if she was aware there has been a major outage and the entire world was tweeting #unifi and trending to #garbage. She happily responded she had no idea. I wish we could do an audit on Unifi support based on ISO20000 or ITIL. I bet we could add some value there.

3) How many emails have we received from companies we have unwittingly given our information to? I am not talking about those health hormones, Nigeria scams, appendage enlargement junk email. I am talking about unsolicited marketing material from restaurants we have visited, companies we have met along the way etc. Admittedly we have also done such things (updating our customers)…but I have received piles and piles of emails and trilobytes of documents. It’s time for this madness to end.

So, Personal Data Protection Act? We’re not going to go through the 7 principles here. Many other websites have articulated it well enough. The question here is, if I have a company and we collect data as part of our CORE business, are we screwed?

No, you’re not. But you have some work to do.

You see, the PDPA is not telling you NOT to collect personal data. It’s governing the way you do it. It’s setting up rules, like putting a referee in a previously free-for-all football game. The good news is that the rules are not extremely rigid or specific. So there’s what we unprofessionally call wriggle room. Most consulting companies have fancy terms for this, but at PKF, we are what we term a coffee-shop jargon company. We don’t like to throw in big terms when an easy word will do.

There are numerous ways to comply with PDPA, which we will touch on later. We provide IT and legal assistance for PDPA compliance. But the first thing you can do for yourself is this: do you have any policies and procedures governing your business processes? If the answer is no, then that’s where you will generally need to begin. A documented approach on collecting, sharing and storing data is essential for compliance. If you already have one, well, you’re on your way to compliance already even before you begin.

Let the new era of Data Protection begin!

© 2020 PKF AvantEdge
