Locking down endpoints to prevent virus resurgence
Nesky.D and Bugbear.B are readily recognized by security as past threats, discovered months or over a year ago. Yet each appeared on Symantec’s Top 10 Malicious Threats for May 2004. In reality, despite rapidly updated signatures for antivirus engines whenever a new threat breaks, and the wide use of antivirus software on servers and desktops, many viruses and worms aren’t eradicated; they just fade away.
Laptops are one culprit, say experts. Mobile workers may use their PC at home or on the road, cancel antivirus or other important software updates, or just not be available to install them. When such PCs reconnect to the corporate LAN, they can restart an infection. Of course, it’s up to security managers to clean up the mess, perhaps again. “Back in the virus [attacks] of last fall, one behavior we saw is you’d have this initial bump in vulnerability, followed by infections, followed by a smaller bump two weeks later from people who hadn’t been updated,” notes Rick Bilodeau, director of corporate marketing for iPass.
By Mathew Schwartz at Enterprise Systems.
[ Read more ]