Q. Instant messaging (IM) is allowed in my company, but I have read about how Trojans and viruses can be spread via IM. How can I allow the use of IM without compromising on security?
Firstly, IM users should install and use the most updated version of the IM application. Without the latest security updates and patches, older and outdated IM versions are more susceptible to electronic attacks, such as viruses and Trojans. Besides using the latest IM program, users should also regularly update the security patches when they are released.
Secondly, IM users can mitigate the risk of electronic attacks by installing Internet protection software on their desktops and notebooks. Such software detect suspicious inbound traffic and alert the user of viruses and Trojans.
Based on the latest findings in Symantec's Internet Security Threat Report (ISTR) Vol. 8, more than 10,866 new virus and worm variants were discovered during the reporting period. This was a 48 percent increase over the previous reporting period where 7,360 new variants were found, and a 142 percent increase over the same time period last year.
Users and corporations should be aware that electronic attacks are on the rise and necessary precautions should be taken.
Also, there are best practices that businesses can adopt to ensure the necessary measures are taken to prevent electronic attacks:
- Always keep patch levels up to date, especially on computers that host public services, such as HTTP, FTP, SMTP, and DNS servers, and are accessible through a firewall.
- Train employees not to open attachments unless they are expecting them.
- Ensure that emergency response procedures are in place. This includes having a backup-and-restore solution in place in order to restore lost or compromised data in the event of successful attack or catastrophic data loss.
For home users:
- Use an Internet security product that combines antivirus, firewall, intrusion detection, and vulnerability management for maximum protection against blended threats.
- Ensure that passwords include a mix of symbols, letters, and numbers. Do not use dictionary words. Change passwords often.
- Never view, open, or execute any email attachment unless the purpose of the attachment is known.
With these best practices, users and corporations can continue to enjoy the benefits of communicating via IM with minimal risk.
Our expert: James Yeo, a senior consultant at Symantec Singapore.
Check out ZDNet Asia's Security toolkit for the latest news, whitepapers and case studies.