Staying Malware Free

1.  Have a security audit done if you’ve never had one done.

2.  Do not depend on only the Windows firewall if you can.  You want to have another firewall in front of your networks to provide that first layer of defense.

3.  Run Firefox.  They do not require a google account to sync your bookmarks.  Firefox is the recommended browser of ETC Maryland.

4.  Use the ublock Origin extension for all of your browsers.  Ads on the Internet are one of the most widely used attacks vectors to get malware onto computers at this time.  This includes Firefox, Microsoft Edge, and Chrome.  IE is not recommended for usage on any machine.

5.  Use a password manager.  Use the manager to now only remember your passwords but also have it do a password audit and change all of your passwords to strong passwords.  Do not let users manage their own passwords.

6.  Don’t go to porn, warez, gambling..etc etc type sites.  If it’s a red-light district on land, it’s the same in cyber-land.  If you go to these places in cyber-land, none of the above or below’ll be infected either immediately or very quickly.  NO anti-anything will save you either.

7.  For Network Admins:  Block the following attachments: .com. .bat, .vbx, .hta, .inf, .jsa, .wsh, .vbs, .vbe, .shm, .pif, .scr, .cmd, .dll, .rtf, .zip, .exe.  This list is not exhaustive but this list contains the most common infection vectors in attachments.

8.  Never click a link in an e-mail without checking it first.  This can be a tricky subject.  Hover your mouse(Don’t click any links) over the links and see if the address presented in the bottom bar matches the text of  the link.  If it doesn’t it’s a fake.  Contact ETC-MD.

9.  Remove admin rights from users as much as possible.

10.  Disable autorun.  This nukes most infections from usb keys(flash drives, thumb drives..etc etc etc.

11. Ensure all systems are up to date with all security updates.  Not just Windows and Office but every third party program on your systems.  (This includes Acrobat, Flash, Java).

12.  If something you are installing wants to install something else as well as what you asked for…STOP THE SETUP PROCESS IMMEDIATELY and Contact ETC-MD.

13.  If you installed it you must keep it updated

14.  If you don’t use it or don’t know what it is uninstall it at once.  Old software is another target for malware entry into your system.

15. If you are informed of a possible infection or you suspect an infection please remember that you CANNOT reliably clean an infected machine from inside the infected operating system.  Contact ETC-MD for your recovery options.

16.  If you have a router that is more than a year old and/or it has never been updated you need to contact ETC Maryland.  These devices are now a major security problem for homes and small businesses.