Mitigating Virus Infections

Over the last few weeks, our Support Line has been seeing a significant uptick in the number of requests from our clients to clean up virus and malware infections. In light of this current increase of infection, we want to share some tips to help you both prevent virus infection when possible and resolve the issues as quickly as possible.

Create and enforce good antivirus software procedures for your organization.

Be sure that business-class antivirus software is installed on each workstation and server, and be sure that the virus definitions are updated frequently. Antivirus software is far from perfect as hackers create new viruses faster than antivirus software is updated. That said however, it is still a very good first line of defense. Either enforce antivirus software updates from a server, or check-up manually on your workstations regularly to be sure that they are being updated.

Educate your staff on your antivirus software’s name and appearance. Many common viruses and malware will pose as an antivirus software to bait users to download additional malicious files and software to their workstation. These fake antivirus software look very plausible and fool many people. Make sure that you staff know the actual name of your organization’s antivirus software and know what alerts from that software will look like and the likelihood of them actually seeing an alert.

Use firewalls to keep your network and workstations secure.

For the nonprofit office environment, we recommend a business-grade, hardware-based firewall to help prevent virus and malware infections on your network. In addition to having one installed, firewalls need to be updated regularly, so make sure that they receive routine maintenance as well.

In addition, Windows XP, Vista, and 7 all have software-based firewalls built into the operating system, and there are many other third party software-based firewalls available as well. While it is not necessary to have the software firewall on while you are in your office and behind your network's firewall, it is very important to turn that on when you are working outside of the office, especially on public networks. We mentioned these firewalls along with our tips a for using wireless internet securely in another recent post.

Be sure to keep servers and workstations updated.

Make sure that security updates and patches are installed promptly on your servers and operating systems, as these updates will close vulnerabilities to your system. In addition, Service Packs to Windows will also roll up many of these security updates, but your IT staff or consultant will need to do a check to make sure your other software will run well after these kinds of updates.

Also, upgrade to newer internet browsers as soon as you can as the old versions are also known to allow more virus infections. If you have a server on your network, your IT staff or consultant can implement automatic updates to make sure that the workstations are updated easily and promptly.

Educate staff on what to do when they see symptoms of infection.

Make sure that all staff are educated both on the common symptoms of virus infection and what to do when it happens. Microsoft has a good write up of frequent virus infection symptoms, but some very common ones are:

• Seeing an alert from antivirus or other protection software not used by your organization
• A large amount of pop up advertisements or other alerts
• Your computer running much slower than usual
• Your computer frequently crashes and reboots or it restarts on its own
• Programs either appear on your computer that you didn’t install or programs go missing
• Desktop icons appear that you didn’t put there or your regular ones disappear

For the majority of staff members, it’s best to tell them to leave the virus clean-up to your IT staff/consultant – even if they have tech skills, your nonprofit will likely keep running more smoothly if they keep to their regular tasks.

Instruct your staff members to unplug their network cable when they first notice infection symptoms to prevent the virus from spreading to the rest of your network. Save what they’re working on quickly and then shut down the computer to try and prevent the virus from spreading further on their computer.

Create guidelines for staff on workplace computer and internet use.

While this suggestion is sure to be controversial, it still makes sense as virus infections from work related applications are very rare. There are many levels to internet use guidelines and enforcement, so you can decide what is best for your organization based on your staff members’ internet needs and the history of attacks at your organization. If you’re considering building an internet use policy for your organization, here are some options to consider:

Advise staff to avoid downloading things at work. There are few legitimate reasons for staff to be downloading movies and music at work, so it is relatively common for HR policies to ask staff to save these activities for home. For any staff who have work-related reasons to download clip art, pictures, and font files, make sure they are educated on ways to do this as safely as possible. Recent headlines have outlined the risk of acquiring viruses from image searches, even when you don’t actually save the image.  While there are some legit sites to download fonts and clip art, the free sites that come up in internet searches are notorious for virus and malware infection.

Rather than searching for free clip art sites, better resources for low-cost images for your nonprofit include Microsoft’s Image Library, and Creative Commons. Both of these sites have free images, but you will need to check in on the individual image that you would like to learn of any restrictions on its use.  You may also consider using paid sites such as iStock. Even though nonprofit budgets are notoriously tight, it will still make more sense to pay for clip art and images than paying to clean up a virus infection.

Consider restricting user permissions. By restricting regular level staff to user access rather than Power-User or Administrator, they will not be able to install programs on their own, and thus will limit the spread of viruses. This can be very limiting to certain users, as certain programs require administrator access for use.

Despite the hassle, many network administrators will require administrator permission levels to install new software. This can prevent certain kinds of malicious software from being installed, and it will also help your administrators better care for your network. For users that occasionally need admin access, it is a good idea to just occasionally give them access to the administrator account rather than permanently elevating their regular account to the administrator level.

Be sure to have a good conversation with staff members who have repeat infections.

If an individual or group of staff members have multiple infections, especially if they happen in a burst, it’s a good idea to have a good conversation with them to try to figure out what is going on. Ask what websites they are visiting and what they are downloading to see if a pattern emerges. They may need education on how to prevent infection, or you may discover a threat to share with the rest of your organization. Try to be understanding  when having this conversation as the infection may not necessarily be due poor behavior or visiting inappropriate sites – a noted situation in 2009 left visitors to the New York Times website infected with malware.

Consider having additional computers in your office both for recovering from attacks and for more sensitive uses.

Many nonprofits and companies choose to have extra computers on hand to ensure business continuity during infections. This computer will be set up with your staff's most commonly used software installed. Then, should one person become infected, they can simply load their profile onto the spare computer and keep working while their regular machine is fixed.

Many security experts also recommend keeping a computer that is only used for banking and financial purposes and is kept off when not in use. That way there is minimal risk of any virus or malware being on that computer that could put your nonprofit's finances at risk. The writers at Fraud Prevention Unit put up a post last fall that outlines tips for implementing this setup at a lower cost.

Unfortunately, these pieces of advice will not prevent your staff from ever getting a virus. Those fighting viruses play a continual game of whack-a-mole in their battle with virus creators who continually prove themselves to be very inventive and creative in bypassing current security. However, by educating your staff on best practices and having good protections in place, you will minimize the frequency and impacts of such attacks. If you would like assistance in setting up any of these steps for your nonprofit, you can always contact us for our help or advice.

- Elaina Buzzell