How To Protect Organization From Malware? - Paper Example

Introduction

Globalization and the adoption of technology have increasingly exposed organizations to cyber threats such as malware infections which can lead to the loss or theft of data. Malware can be in the form of software or a program that is harmful to a server, and there are different types with varying negative impact severity (Jakobsson & Juels, 2009).

Is your time best spent reading someone else’s essay? Get a 100% original essay FROM A CERTIFIED WRITER!

Order now

Steps to Take on the Discovery of Malware

On the discovery of malware in a computer, it is important for an organization to take immediate action aimed at protecting organization data. Malware are highly evasive, and sometimes they can outsmart all the precautions that an organization take to prevent infection by malware (Gilbert, 2011). The following are the key steps that an organization should take on the realization of malware on the computer.

Identification of the Threat and Attack Extent

When the server is in safe mode, one should continue with identifying the main malware and implementing the fix for the malware. Implementing nonspecific malware solutions for the malware leads to the persistent of the malware (Rao & Nayak, 2014). After fixing the identified malware, it is important to scan the computer for any further infections it is important to clean all the worthless and temporary programs to prevent the malware from reappearing (Rao & Nayak, 2014). The initial stage on the realization of malware infection is the protection of the files and data already in the server by backing them up in secure external data storage such as cloud or external data discs to prevent massive loss of data. Besides, it is important to back up the data in a single location due to the fear of copying infected files.

Disconnecting the Internet

In most cases, malware always calls home through the internet connection and to battle any malware; it is essential to disconnect the internet to cut the internet to prevent malware communication. Disconnecting the server from the internet helps severe communication between the malware and its creator (Rao & Nayak, 2014).

Identifying Infected Areas and Creating a Quarantine

Upon realization of malware in a server, it is important to identify and isolate all the affected systems and data in the server to prevent a large scale attack which could lead to greater loss of data and system compromise. In the cases of a virus infection, it is important to reboot the server computer on safe mode or to use a live antivirus rescue disk (Souppaya & Scarfone, 2013). Booting in safe mode helps to avoid any non-core components from running, which helps to isolate the malware more easily and prevent spread to other areas in the server. The easiest approach of booting using the safe mode is pressing and holding F8 when rebooting the server computer. When the server computer is in safe mode, it is easier to remove the malware.

Identification of the Malware and Implementing Fixes

The most appropriate action to take when a server is infected by malware is cleaning the system and introducing new fixes to reverse the effects put in place by the malware. Cleaning of the malware can easily be conducted using an antivirus application after which the files changes are reinstalled to promote the server functionality (Rao & Nayak, 2014). Upon applying a fix on all the malware identified the changes in the registry, which is the most compromised aspect of the server in the case of malware should be reinstated.

Recurrence Prevention Activities

When a server is infected by malware, there is a high likelihood of the repetition of the same. In this case, carrying out recurrence prevention by patching up the existing vulnerabilities in the server should be a priority (Souppaya & Scarfone, 2013). This is done through the introduction of firewalls and antimalware software in the server computer in addition to eliminating all add-ons.

Conclusion

Preventing malware infection and fighting them in a server is a long term engagement. Today, servers are highly exposed to malware intrusion which has been known to negatively affect their efficiency as well as data and system security. An organization should invest in a long term process that involves preventing the potential malware infection through regular scans, registry checking, and fire wall installation on the server computer.

References

Gilbert, R. B. (2011). Defending Against Malicious Software. University of California, Santa Barbara. Retrieved from http://citeseerx.ist.psu.edu/viewdoc/download?doi=10.1.1.472.5793&rep=rep1&type=pdf

Jakobsson, M., & Juels, A. (2009, September). Server-side detection of malware infection. In Proceedings of the 2009 workshop on New security paradigms workshop (pp. 11-22). ACM. Retrieved from https://dl.acm.org/citation.cfm?id=1719033

Rao, U. H., & Nayak, U. (2014). Malicious software and anti-virus software. The InfoSec Handbook (pp. 141-161). Apress, Berkeley, CA. Retrieved from https://link.springer.com/chapter/10.1007/978-1-4302-6383-8_7

Souppaya, M., & Scarfone, K. (2013). Guide to malware incident prevention and handling for desktops and laptops. NIST Special Publication, 800, 83. Retrieved from https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-83r1.pdf