Anti-malware practices

Anti-malware covers a broad range of practices designed to prevent malicious software from infiltrating your systems, or to identify and contain it when it does. Malicious software undermines your perimeter security, whether by giving an external party access to your systems, holding your information assets for ransom, or disrupting your systems and data.

 

The Consumer Data Right gives Australians control of their data. That enables innovation in new products and services for those consumers. To participate as a data recipient, you must meet five governance requirements and 24 information security requirements. These are independently audited by a qualified firm like AssuranceLab, and included in an assurance report for accreditation.

 

Most anti-malware practices form part of your Acceptable Use Policy - the behaviors, restrictions, and requirements that your employees follow to reduce the risk of malware. It’s impossible to eliminate the risk of malware, so the focus in this area is to reduce the risk to a sufficient, tolerable level and to complement that with response plans. Those are covered by the Security Incident Response plans or procedures.

 

There's a lot of overlap with Data Loss Prevention practices. Although the risks and related objectives vary, it's the same information assets, system components, and often even the same preventive practices that mitigate the risk of both malware and data loss.

 

End-user devices

 

User devices are often the weakest link for malware and related breaches of your security. You should consider restricting what devices are used for business purposes, using anti-virus software for devices, and ensuring operating systems are regularly updated to limit the vulnerabilities to malware. The data stored on laptops, locally saved passwords, and general usage of end-user devices should be limited to reduce the likelihood and potential impact of malware.

 

Emails

 

Emails are vulnerable to phishing attacks. That's where an external actor sends a scam email designed to get your employees to download a "document" that contains malware. Email filtering and blocking, document scanning solutions for executable files, and general security awareness and behaviors from your employees can mitigate the risk of malware from using email.

 

Websites 

 

Malicious software can be developed to work on a website or web server. This can be designed to steal sensitive information, apply malicious redirects, or inject spam content. Systematically blocking websites or applying policy restrictions on websites helps to prevent malware from potentially dangerous websites. 

 

Removable Media 

 

Removable media can be loaded with malware. One type of attack is to leave a removable media drive in a public location and wait for an unsuspecting person to find it and insert it into their computer to see what it is. That can trigger malware on the device. Systematically blocking removable media addresses this risk.

 

The CDR Perspective 

 

The CDR requires that anti-virus and anti-malware solutions are implemented on endpoint devices and on servers to detect and remove malware from the CDR data environment and are updated on a regular basis. End-user systems are updated with the latest virus definitions when they connect to the network. Reports or dashboards highlighting compliance metrics are regularly generated and monitored, and non-compliant items are actioned as soon as practicable.
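
The compliance reporting described above, sketched as an added example that is not from the original article or from AssuranceLab. The inventory export is constructed, and its column names, hostnames, and the 3-day and 7-day thresholds are assumptions rather than CDR-mandated values.

```python
import csv
import io
from datetime import date, timedelta

# Constructed inventory export; the column names are assumptions, not a real product's schema.
SAMPLE_CSV = """hostname,kind,av_installed,realtime,definitions_updated,last_seen
lt-001,endpoint,yes,yes,2024-05-14,2024-05-15
lt-002,endpoint,yes,no,2024-05-14,2024-05-15
lt-003,endpoint,no,,,2024-05-15
srv-db1,server,yes,yes,2024-04-30,2024-05-15
lt-004,endpoint,yes,yes,2024-05-01,2024-05-02
"""

MAX_DEFINITION_AGE = timedelta(days=3)  # assumed policy threshold
MAX_SILENCE = timedelta(days=7)         # assumed: longer than this counts as "not reporting"

def evaluate(row):
    """Return the reasons a device fails policy (empty list means compliant)."""
    if row["av_installed"].strip().lower() != "yes":
        return ["no anti-malware agent installed"]
    reasons = []
    if row["realtime"].strip().lower() != "yes":
        reasons.append("real-time protection disabled")
    updated = row["definitions_updated"].strip()
    if not updated:
        reasons.append("definition date missing")
    # Definitions refresh on connect, so measure their age at the last check-in.
    elif date.fromisoformat(row["last_seen"]) - date.fromisoformat(updated) > MAX_DEFINITION_AGE:
        reasons.append("definitions out of date at last check-in")
    return reasons

def compliance_report(csv_text, today):
    """Summarise compliance and list the items that need action."""
    non_compliant, not_reporting, total = {}, [], 0
    for row in csv.DictReader(io.StringIO(csv_text)):
        total += 1
        # A device that stopped reporting cannot be assumed compliant.
        if today - date.fromisoformat(row["last_seen"]) > MAX_SILENCE:
            not_reporting.append(row["hostname"])
            continue
        reasons = evaluate(row)
        if reasons:
            non_compliant[row["hostname"]] = reasons
    compliant = total - len(non_compliant) - len(not_reporting)
    return {"total": total,
            "compliant_pct": round(100 * compliant / total, 1) if total else 0.0,
            "non_compliant": non_compliant,
            "not_reporting": not_reporting}
```

Devices that have gone silent are reported separately so they do not inflate the compliant percentage.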

 

About AssuranceLab

 

AssuranceLab is a modern cybersecurity audit firm. We're experts in the latest software and cloud providers. We guide your team through the compliance practices in a way that fits your environment and culture. We work closely with clients through our agile and collaborative approach; saving time, costs, and headaches along the way.
