Sage Advice - Cybersecurity Blog

An Overview of Malware Detection and Prevention Controls

The volume of malware is growing exponentially and it is becoming more sophisticated, so it has never been more important to employ a strong anti-malware defense-in-depth strategy to protect your organization's information assets. While prevention controls remain important, your organization's cybersecurity strategy should also include strong malware detection controls. Here's a quick review of the different controls you should implement for malware detection and malware prevention in your organization.

Malware Prevention Controls

The goal of a prevention control is to stop an attack before it even has a chance to start. This can be done in a number of ways:

  • Disrupt the distribution channel by training users not to click links embedded in email, open unexpected email attachments, irresponsibly surf the Web, download games or music, participate in peer-to-peer (P2P) networks, or allow remote access to their desktop.
  • Configure the firewall to restrict access.
  • Do not allow users to install software on company-provided devices.
  • Do not allow users to make changes to configuration settings.
  • Do not allow users to have administrative rights to their workstations. Malware runs in the security context of the logged-in user.
  • Do not allow users to disable (even temporarily) anti-malware software and controls.
  • Disable remote desktop connections.
  • Apply operating system and application security patches expediently.
  • Enable browser-based controls, including pop-up blocking, download screening, and automatic updates.
  • Implement an enterprise-wide antivirus / anti-malware application. It is important that the anti-malware solutions be configured to update as frequently as possible because many new pieces of malicious code are released daily.

Malware Detection Controls

Detection controls should identify the presence of malware, alert the user (or network administrator), and in the best-case scenario stop malware from carrying out its mission. Detection should occur at multiple levels – at the entry point of the network, on all hosts and devices, and at the file level. Detection controls include the following:
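As an added example (not code from the article or from Sari Greene's book), the following Python script shows what file-level detection looks like in practice and why the prevention list above insists on frequent definition updates: it scans a directory tree against a hash blocklist and a table of byte signatures, and flags the definition set as stale when it is older than a configurable age. The signature table, the blocklist, the "last updated" timestamp and the three sample files are all constructed for this example; the only real item is the EICAR test string, the industry-standard harmless file that every mainstream engine detects.

```python
"""File-level malware detection with a hash blocklist and byte signatures.

Added example, not code from the original article. Everything in it is
constructed for illustration: the signature table, the hash blocklist, the
"last update" timestamp and the sample files. The only real item is the
EICAR test string, the industry-standard harmless anti-malware test file.
"""
import hashlib
import os
import tempfile
from datetime import datetime, timedelta, timezone

# EICAR test string: harmless by design, detected by every mainstream engine.
EICAR = b"X5O!P%@AP[4\\PZX54(P^)7CC)7}$EICAR-STANDARD-ANTIVIRUS-TEST-FILE!$H+H*"

# Constructed signature table: detection name -> byte pattern.
SIGNATURES = {
    "EICAR-Test-File": EICAR,
    "Demo.Marker.A": b"DEMO-MALWARE-MARKER-0001",  # constructed, not a real family
}

# Constructed hash blocklist: SHA-256 hex digest -> detection name.
HASH_BLOCKLIST = {
    hashlib.sha256(EICAR).hexdigest(): "EICAR-Test-File",
}

# Constructed definition timestamp. The article's point is that definitions
# must be refreshed as often as possible, so staleness is checked explicitly.
DEFINITIONS_UPDATED_AT = datetime(2024, 1, 1, tzinfo=timezone.utc)
MAX_DEFINITION_AGE = timedelta(hours=24)


def definitions_are_stale(updated_at, now=None, max_age=MAX_DEFINITION_AGE):
    """True when the signature set is older than max_age."""
    now = now or datetime.now(timezone.utc)
    return now - updated_at > max_age


def scan_bytes(data):
    """Return detection names for a blob: exact-hash match first, then patterns."""
    hits = []
    digest = hashlib.sha256(data).hexdigest()
    if digest in HASH_BLOCKLIST:
        hits.append("hash:" + HASH_BLOCKLIST[digest])
    for name, pattern in SIGNATURES.items():
        if pattern in data:
            hits.append("sig:" + name)
    return hits


def scan_file(path):
    """Read one file and scan its contents."""
    with open(path, "rb") as fh:
        return scan_bytes(fh.read())


def scan_tree(root):
    """Walk a directory; return {relative path: [detections]} for flagged files only."""
    findings = {}
    for dirpath, _, filenames in os.walk(root):
        for fname in filenames:
            full = os.path.join(dirpath, fname)
            hits = scan_file(full)
            if hits:
                findings[os.path.relpath(full, root)] = hits
    return findings


def demo():
    """Write three constructed sample files into a temp dir and scan them."""
    with tempfile.TemporaryDirectory() as root:
        samples = {
            "eicar.com": EICAR,                         # exact test file: hash + signature hit
            "notes.txt": b"quarterly budget review\n",  # clean file: no hit
            "installer.bin": b"\x7fELF" + b"\0" * 16 + b"DEMO-MALWARE-MARKER-0001",  # embedded marker
        }
        for name, body in samples.items():
            with open(os.path.join(root, name), "wb") as fh:
                fh.write(body)
        return scan_tree(root)


if __name__ == "__main__":
    if definitions_are_stale(DEFINITIONS_UPDATED_AT):
        print("WARNING: definitions older than", MAX_DEFINITION_AGE)
    for path, hits in demo().items():
        print(path, "->", ", ".join(hits))
```

Hash matching catches only byte-identical samples, which is why the pattern pass runs as well even after a hash hit; a real engine adds heuristics and behavioural monitoring on top of both, and the staleness check is the reason the prevention list tells you to update definitions as frequently as the vendor allows.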

Note: This article contains excerpts from Security Program and Policies: Principles and Practices (2nd Edition) by Sari Greene.

