
Virus pro­tec­tion in an SME environment

Virus protection is one of the basic provisions of any company, as malware is a seriously growing threat in our digital world, and to SMEs in particular. Consistently applied technical virus protection and conscious human behaviour constitute the best remedies here.

The most impor­tant points to remember:

  • Define and imple­ment a virus pro­tec­tion process in your SME.
  • Create an overview of chan­nels for mal­ware to intrude and dis­tribute itself inside your company.
  • Draw up a virus pro­tec­tion con­cept to estab­lish where the most effi­cient check­points for your virus pro­tec­tion should be set up.
  • Sen­si­tise your employees to the dan­gers posed by mal­ware.

The virus pro­tec­tion process

Numerous suppliers nowadays offer a variety of excellent antivirus protection systems, which can be adapted to the most varied needs and circumstances inside SME networks. Before choosing one, however, you will have to undertake an analysis to evaluate the optimum solution, and then implement it in a professional manner.

Still, things don’t stop there: just as cyber criminality and malware keep evolving, you will have to continuously maintain and update your protective measures, too. Your virus protection, for instance, should always be updated with the latest virus patterns.

To do so, you will have to estab­lish a virus pro­tec­tion process to safe­guard not just the imple­men­ta­tion of proper mon­i­toring of your data flows, but also the detec­tion and removal of mal­ware and the main­te­nance of your system. And it is just as impor­tant to reg­u­larly keep sen­si­tising your employees to this kind of threat as part of this process.

The dis­tri­b­u­tion channels

SME net­works are becoming ever more com­plex. New soft­ware solu­tions are imple­mented, new data links cre­ated and infra­struc­ture fine-tuned almost daily. Cyber-crim­i­nals abuse the resulting com­plexity to keep finding and exploiting ever new chan­nels of intru­sion and distribution.

Identifying potential channels of malware intrusion and distribution as extensively as possible therefore forms the basis of your virus protection concept. One established approach here is to think in scenarios:

  1. “How and where could an attacker plant mal­ware in the network?”
  2. “How could this mal­ware then spread through the network?”

The fol­lowing chan­nels are fre­quently abused to plant mal­ware in a system:

  • Internet, Wi-Fi and VPN connections
  • Attachments to communications, e.g. e-mails
  • Mobile devices owned by employees and visitors
  • Remote Desktop (RDP) and ter­minal server applications
  • Exchange of phys­ical data carriers
  • Insufficiently protected IoT environments

Once it has found its way into an internal net­work, mal­ware can then exploit vul­ner­a­bil­i­ties to spread fur­ther, and can for instance also be acti­vated by care­less actions of your employees, to then do its destruc­tive work. In such cases it is impor­tant to limit the resulting damage to the largest extent pos­sible, and to pre­vent wide­spread distribution.

The virus pro­tec­tion concept

Based on the chan­nels of intru­sion and dis­tri­b­u­tion iden­ti­fied, you can then deter­mine where exactly inside your net­work your virus pro­tec­tion mea­sures would be most effective.

Based on your expo­sure, you should screen incoming and out­going net­work con­nec­tions with the Internet for mal­ware in par­tic­ular. This can be imple­mented on your fire­wall or your proxy and com­mu­ni­ca­tion servers. In this, it is impor­tant to note that con­tent has to be checked before being encrypted or after being decrypted.
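
The point about checking content before it is encrypted or after it is decrypted, shown as an added Python example that is not part of the original article. The signature, the sample attachment, the checkpoint names and the toy SHA-256 stream cipher (a stand-in for TLS or an encrypted archive) are all assumptions made for illustration.

```python
import hashlib

# Constructed signature database: name -> byte pattern (not a real malware signature).
SIGNATURES = {"Demo.TestMarker": b"SME-DEMO-MALWARE-MARKER"}


def scan(data: bytes) -> list[str]:
    """Return the names of all signatures whose pattern occurs in data."""
    return [name for name, pattern in SIGNATURES.items() if pattern in data]


def keystream_xor(key: bytes, data: bytes) -> bytes:
    """Toy stream cipher (SHA-256 in counter mode), standing in for TLS or an
    encrypted archive. Applying it twice with the same key decrypts."""
    out = bytearray()
    for offset in range(0, len(data), 32):
        pad = hashlib.sha256(key + offset.to_bytes(8, "big")).digest()
        out.extend(b ^ p for b, p in zip(data[offset:offset + 32], pad))
    return bytes(out)


def checkpoint_results(payload: bytes, key: bytes) -> dict[str, list[str]]:
    """Scan the same transfer at three hypothetical checkpoints."""
    on_the_wire = keystream_xor(key, payload)        # firewall that cannot decrypt
    after_decrypt = keystream_xor(key, on_the_wire)  # decrypting proxy or endpoint
    return {
        "sender_before_encryption": scan(payload),
        "firewall_ciphertext_only": scan(on_the_wire),
        "proxy_after_decryption": scan(after_decrypt),
    }


# Constructed sample: an attachment carrying the demo marker.
ATTACHMENT = b"Invoice 2024-001\n" + b"SME-DEMO-MALWARE-MARKER" + b"\nend of file\n"

if __name__ == "__main__":
    for checkpoint, hits in checkpoint_results(ATTACHMENT, b"session-key").items():
        print(f"{checkpoint:28} {hits or 'nothing detected'}")
```

The scanner finds the marker only where it sees plaintext, which is why the checkpoint belongs on a system that terminates the encryption (proxy, communication server) or on the end device itself.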

Mobile devices owned by employees and visitors also pose a great risk in this regard, since they are frequently used in unsecured environments, too. They should therefore never be accepted on the internal network unchecked. This especially applies to VPN connections from the outside, e.g. when working from home. This is where centrally administered antivirus software on all terminal devices is a good idea.

And finally, all sta­tionary devices where external data car­riers are con­nected will have to be equipped with suit­able virus pro­tec­tion, too.

Your virus pro­tec­tion con­cept should cover the com­plete virus pro­tec­tion system and its configuration.

Antivirus suites for companies

There are numerous sup­pliers offering antivirus solu­tions which are also suit­able for larger net­works. Roll-out, con­fig­u­ra­tion and main­te­nance of your AV pro­tec­tion can there­fore be admin­is­tered cross-plat­form and cross-loca­tion from a single cen­tral point. This way you can ensure that com­pli­ance with your SME secu­rity policy can be safe­guarded as soon as a device con­nects to the network.

Cyber criminality statistics are sending a clear signal: malware attacks resulting in damage have increased considerably over the past few years. Ransomware in particular should be taken seriously as posing increasing risks to SMEs.
