Viruses and spyware are a plague in today’s interconnected environment. In our day to day IT Support activities we are often asked how to mitigate the risk of a machine becoming infected and also how to manage ongoing viral infections.

Unfortunately there isn’t one answer that fits all. Viruses and spyware can be complex. Good internet browsing habits alone are not enough.  Working on an outsource help desk the user base and skill level is diverse and I have seen even the most prudent users become infected.

Here is a list of things you can do to mitigate your users’ exposure to Viruses and Spyware:

For IT Departments:

1. Content Filtering: Use content filtering to limit the websites you or your user base can surf.  In an enterprise this can be accomplished with a hardware appliance like Barracuda or SonicWALL.  You can also utilize a SaaS (Software as a Service) application like Message Labs or WebRoot.  Though often too restrictive, strict content filtering is one of the only reliable preventative measures available at this time.
2. Limit End User Permissions: Removing the user’s local admin privileges prevents them from installing programs and other activities that may leave the PC open to an infection.  Using an asset management or desktop management tool, you may be able to further limit applications or easily modify group policy to enforce additional restrictions.
3. Outsource your Endpoint Security (Desktop Management):  There are a variety of Managed Service Providers and Outsource Help Desk and IT firms that will “manage your desktops”.  This usually involves a suite of managed services targeted toward endpoint security, which removes distraction and allows an internal IT team to focus on other projects more aligned with business needs.  If you require complete management of the desktops and end user support, these services can usually be bundled with outsource help desk support, sometimes 24×7.
4. Enforce Best Practices – Raise Awareness: Make your service desk and help desk teams acutely aware of the best practices of your support center.  If you’re working with an outsource help desk managed service, ask them what their standards are and ensure they align with your expectations.  Empowered, the team will naturally educate users and look for risks while working on unrelated issues.
5. PC Imaging: Get an imaging process in place so you can quickly restore a user’s PC.  If they’re properly managing their files this should work without losing data.  It would be an inconvenience and could act as a deterrent from them engaging in future activity which could cause their PC to be imaged.

For End Users:

1. Internet Explorer Active X Settings: Internet Explorer is the most commonly attacked browser, most often via ActiveX that automatically downloads the malware..  However many SaaS (Software as a Service) and web based applications are optimized for IE.  Disabling ActiveX can help. Disabling IE scripts from running automatically will also secure the system but unfortunately will reduce the improved functionality of the browser.
2. Web Surfing Habits: Being aware of where you are going on the Internet is your best protection against any attack.  Beware of pop up windows and sites that have them with any frequency.  If you go to a website and you get a pop up message that says anything to the effect that the site detected a virus and wants to clean it up, run the other way.  Hit escape, back, alt+F4, or anything else but clicking OK.
3. Choose your applications wisely: Often times freeware applications (applications that don’t require purchase) come with a cost in the form of bundled spyware and even viruses.  If you want a freeware application you can often find user reviews that will alert you to these issues, so do some research.  Downloading illegal software of any kind will often leave you infected for a number of reasons.
4. Run an Anti-Virus or Anti-Spyware/Malware program: There are free programs that you can attempt to piece together to protect your system (e.g. AVG Free, Spybot), or you can pay for an anti-virus suite like AVG Professional, with improved reliability and functionality.  There are also SaaS (Software as a Service) and MSP (Managed Service Provider) offerings.
5. Use an alternate browser like Mozilla Firefox or Google Chrome.  While these browsers may provide better security against Internet Explorer targeted attacks, you should not expect a system to be completely safe.

Cisco has announced another catalyst for faster internet speeds that will make cloud computing, SaaS (Software as a Service) and off site managed hosting services and solutions more feasible.  The fuel Cisco added to the bandwidth fire is a new CRS-3 internet backbone router.  This new carrier routing system boasts impressive performance and capability improvements over the current system.  Cisco had a very rough time around 2004 with their CRS-1 router, which almost didn’t make it out of research and development.  Cisco’s CRS-3 router has 12 times the speed performance of its original CRS-1.

PC World reports Cisco Chairman and CEO John Chambers as saying: “At full scale, the CRS-3 has a capacity of 322T bits per second, roughly three times that of the CRS-1, which was introduced in 2004. It also has more than 12 times the capacity of its nearest competitor. The CRS-3 will help the Internet evolve from a messaging platform to an entertainment and media platform, with video the emerging “killer app”.”

This announcement has very close timing with the National Broadband Plan heating up, which promises to deliver 100mbps connectivity to 100 million homes by 2020.  Google’s Fiber for Communities initiative is also gaining steam, and the promise from Google is over 1 gigabit speeds to communities selected for their pilot program.  We’re not sure how Cisco’s CRS-3 announcement fits into all of this, but when these three behemoths (US Government, Google and Cisco) are pulling in the same direction it makes it more believable that they will reach their goals.

What we’re seeing here is the infancy of another significant evolution in computing. As these speeds become attainable the applications are endless. Technology sets and solutions poised to benefit include: Cloud Computing, Managed IT Services, SaaS (Software as a Service), Disaster Recovery, Infrastructure Hosting, Streaming Video and Audio, Off Site Backup, Server Hosting and Outsource IT Services. It’s exciting to be a part of it.

If you haven’t upgraded to Exchange 2007 yet, you might be looking to make the migration from 2003 to 2010.  If you’re ambitious, you may be ready to go from Exchange 2007 to 2010, to take advantage of one or more new features.

The primary new feature that existing and prospective clients are interested in is the new, built-in high availability feature that Microsoft says will allow you to economically deploy an email messaging continuity service within your organization.  We admit it sounds promising, and at worst, pretty cool.

Things to consider:

• Virtualization Pitfalls: If this will be a “local solution” and you’re going to virtualize the servers, they still need to be on at least two independent virtual hosts to avoid a single point of hardware failure.  Please note that very often email servers are not ideal candidates for server virtualization.
• Remote Site Considerations: If this will be a disaster recovery solution with servers in multiple locations, the number of considerations increases.  For example bandwidth for data replication, physical server access and security.
• Is it going to work? Exchange is a highly specialized enterprise communications system requiring expertise to properly implement and maintain.  Regular failover tests are 0ften overlooked, but are a necessary part of maintaining a reliable design.  Lastly this is a brand new feature that you might call “bleeding edge.”
• Unpredictable costs add up: Microsoft says this is a cost effective solution, but you may want to ask, compared to what?  Your additional costs for the increased number of servers will include some or all of the following unpredictable costs: travel, hardware maintenance and replacement, server maintenance, high availability/disaster recovery testing, solution specific administration, training, hosting, bandwidth and expertise costs (1099, Outsource IT or FTE).
• Alternatives: There are managed SaaS (Software as a Service) options such as Dell’s Message One product, or more inclusive messaging suites like Proofpoint and Mimecast that offer email continuity solutions.  They are fully managed at a fixed cost, and most importantly are proven solutions you can rely on.  Furthermore, options like Google Apps Premier for Enterprises offer a true Cloud Computing solution (high availability inherent) all rolled into the cost of the product, which is a fixed cost per user, per year.

Overall this seems like a feature best implemented after it is proven out as a preferred solution.  Even then it may only be advisable for large enterprise organizations who can truly realize the benefits and have the dedicated staff to expertly maintain the design.

You may have heard about Google’s effort to provide communities unprecedented Internet connectivity speeds of over 1 Gigabit per second.  At this point they’re asking cities to return RFIs (Requests for Information) so they can determine where to build their infrastructure for the trial runs.  A deeper look at their description of the fiber optic trial, dubbed “Google Fiber for Communities” explains their stated reasons for this strategic move.  A primary driving force behind this effort is to provide developers faster speeds in order to accelerate the next generation of app development.

The architecture required for speeds like this doesn’t exist on a large scale today.  In fact, Google will probably not be the first provider to offer these speeds, but they will certainly accelerate innovation.  The bottom line is that it’s clearly a strong push of Google’s Cloud Computing agenda.  If successful, this would provide an incredible catalyst to the SaaS (Software as a Service) industry, which is experiencing historical growth.  With Google Apps Enterprise, Gmail, Google Wave, Google Chrome, Postini and the rest of the franchise, SaaS is something Google knows a little bit about.

ARHD CTO Josh Lippy says “This is part of their grand plan to own the Internet.  By providing 1GB speeds, they’ll be able to push their thin client agenda to the masses.  Chrome operating system and chrome browser for all things computing.”

Google wants to do away with the traditional desktop operating system (that Windows thing), and replace it with a managed service.  Their offering will be an easy to purchase streaming thin client desktop service, most likely paid for based on usage.  The speeds Google is pursuing are the only way to ensure success.  Cloud Computing will take incredible leaps with that kind of speed, not to mention they could start offering television programming with that kind of throughput.  Is there a Google channel yet?

You can go to Google and search for “Google fiber” to learn more.