Locking down endpoints to prevent virus resurgence
Nesky.D and Bugbear.B are readily recognized by security as past threats, discovered months or over a year ago. Yet each appeared on Symantecís Top 10 Malicious Threats for May 2004. In reality, despite rapidly updated signatures for antivirus engines whenever a new threat breaks, and the wide use of antivirus software on servers and desktops, many viruses and worms arenít eradicated; they just fade away.
Laptops are one culprit, say experts. Mobile workers may use their PC at home or on the road, cancel antivirus or other important software updates, or just not be available to install them. When such PCs reconnect to the corporate LAN, they can restart an infection. Of course, itís up to security managers to clean up the mess, perhaps again. ďBack in the virus [attacks] of last fall, one behavior we saw is youíd have this initial bump in vulnerability, followed by infections, followed by a smaller bump two weeks later from people who hadnít been updated,Ē notes Rick Bilodeau, director of corporate marketing for iPass.
By Mathew Schwartz at Enterprise Systems.
[ Read more ]