Knocking off the easy things that are most frequently exploited on PCs
These are, in order:
- keep applications patched and use the latest version of applications (Flash, the Acrobat PDF viewer, Microsoft Office and Java are singled out);
- patch operating system vulnerabilities;
- minimize the number of users with administrative access to systems (while making sure that your BOFH doesn’t use an admin account for e-mail and browsing);
- whitelist your applications.
When you do find a virus or something, is that computer now safe?

"When encountering an infected host in the corporate environment, be wary of relying solely on the antivirus tool’s ability to disinfect the host. If you can, take the time to look for other indicators of compromise to assess the scope and severity of the incident. Investigate further if there are reasons to be concerned. Once you’re ready to eradicate malware, strongly consider reimaging the system or restoring it from backup, instead of automatically disinfecting it and assuming that the situation has been resolved."