Matakuliah Tahun Versi :A0334/Pengendalian Lingkungan Online : 2005 : 1/1 Pertemuan 10 Software Protection 1 Learning Outcomes Pada akhir pertemuan ini, diharapkan mahasiswa akan mampu : • Mahasiswa dapat menyatakan Software Protection 2 Outline Materi • Virus Attack – The Nature of The Virus Threat • Damage to Data • Clean-Up costs • Spreading The Infection – Protecting Against Viruses • Anti-Virus Software • Policy Solutions • System Procedures – Appropriate Responses – Conclusions 3 Virus Attack • As too many organisations are aware,virus infections can be both destructive and farreaching. Nowadays it would be difficult to find a company whose everyday routine does not rely upon the smooth running of its IT infrastructure. It is therefore easy to see why a rather unpleasant can of worms is opened when that is compromised. 4 The Nature of The Virus Threat • Damage to Data • Clean-Up costs • Spreading The Infection 5 Damage to Data • One of the most talked about effects of a virus attack is the damage it can do to a company’s data. Many viruses are capable of wiping hard disks or corrupting the records held on a machine. 6 Clean-Up Costs • Deciphering how much it costs an organisation to reinstate lost data or to negate corruptions made by malicious code is an almost impossible task and depends greatly on the specifics on the virus in question. 7 Spreading The Infection • There are some viruses, such as Melissa and Sircam, that are capable of randomly selecting documents from an infected PC and distributing them to the contacts listed in an infected user’s address book. The virus will not search for any document in particular – whether it happens upon your latest financial projections or your plans to merge with another company is really left to chance. The likelihood, though, is that if it is a document of that nature, there are certain people (quite possibly in your email contact list) whom you wouldn’t want to see it. 8 Protecting Against Viruses • However, it is not all doom and gloom. 9 Anti-Virus Software • Probably the most obvious step to take is to install a reliable anti-virus solution that is updated regularly. Most anti-virus solutions are able to detect the majority of viruses; but the speed with which updates to protect against the latest viruses are delivered differs somewhat. Most vendors offer automated updating over the Internet but customers should check out exactly how often they will updated. 10 Policy Solutions • Apart from the software there are other measures a company can take to protect itself against malicious code. One of these is to develop a safe computing policy whereby employees are informed of how to use their machines safely. Educating users about possible threats should begin at company induction stage so that members of staff know what is expected of them from the outset. • A safe computing policy should include points such as not opening unexpected emails and not downloading material from the Internet. 11 • In addition, no files with double extensions should be executed. There are very few occasions when such a file would be legitimately required and the vast majority of them should be treated with suspicion. The simplest thing to do is to ask the sender to re-send the file with the correct extension. 12 • Another measure to include within such a policy is the saving of Word documents as rich text format (.rtf) instead of as documents (.doc). Docs support the macro language, which allows macro viruses to run – it is far more difficult to infect an .rtf file. Users should also be instructed not to open or forward joke, movie or graphics files. 13 System Procedures • Network administrators should also employ measures such as disabling Windows Scripting Host, changing the CMOS boot-up sequence and blocking certain file-types at the email gateway. Some vendors include technology within their products that allows IT managers to prevent certain files from ever entering an organisation – this is certainly something to look out for when purchasing an anti-virus solution. A full list of safe computing procedures that would form a good basis for such a policy can be found at www.sophos.com/safe-computing. 14 Appropriate Responses • Another important issue for organisations to consider once a safe computing policy is in place is what to do should an employee contradict the guidelines and allow a virus to penetrate the company defences. 15 Conclusions • Anti-virus protection in today’s climate demands a multi-faceted approach. Gone are the days when simply installing the software was enough. That software needs to be maintained constantly, by vendor and customer, to ensure that it detects the maximum number of viruses. In addition to the software, all users within an organisation should be taught how to use their computers safely. • Despite the horror stories of what viruses can do, it is worth remembering that it is possible to mount a comprehensive defence. Most virus incidents con be avoided relatively easily. 16 The End 17