The best analogy for the security of your computer system is the kind of security provided to a country. Just as the country's defense forces are equipped with the latest weaponry to defend the borders from intruders, your computer has to have the right security software and antivirus or anti-malware programs installed on it. And the similarity does not end here. The best defense forces don't wait until an actual war to test the battle-readiness of their weaponry or their personnel. They conduct mock exercises from time to time to check that the weapons fire and are configured correctly.
In the very same manner, you cannot wait until some hacker has penetrated the firewall in your system and only then start running around. You must check beforehand that your antivirus and other security programs are working perfectly. You should also combine this protocol with other cybersecurity best practices to safeguard your system from a data breach.
How to go about this test? Here are a few suggestions.
Virus Test File
A good way to test the effectiveness of the antivirus program installed on your computer is to use the EICAR Antivirus Test File, which is made available for free by the European Institute for Computer Antivirus Research. Some anti-malware products include a test file in their package.
If you were wondering why you have to do a test on your antivirus program when you have downloaded it from a reliable cybersecurity firm and possibly even paid for it, the explanation is that there could be some slips between the cup and the lip.
To cite an analogy again, it is like your tailor asking you to come for a fitting test before finishing the suit and handing it over. He would be an experienced professional and would have stitched thousands of suits. He would have properly taken your measurements as well; so, where is the need to check if it has been stitched correctly? This concept is the same here—though installed, the anti-malware program might be missing a minor configuration step here or an update there, and that is sufficient for a hacker to mount an attack.
Coming back to the EICAR test file, interestingly, the best result is if your antivirus rejects the download of the file. In that case you can be satisfied that your antivirus program is providing adequate security to your computer. If the EICAR file gets downloaded and the AV does not detect and remove it, you are in for trouble: the test has told you that your antivirus installation needs to be checked.
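The check described above can be scripted. The following is an added example, not part of the original article or of any EICAR tooling: it writes the standard 68-byte EICAR test string to a temporary file and reports whether real-time protection reacted. It exercises on-access scanning of local files rather than a browser download, and the function names and the five-second wait are assumptions.

```python
import os
import tempfile
import time

# The standard 68-byte EICAR test string, kept in two halves so that this
# script is not itself quarantined before it can run.
EICAR = (r"X5O!P%@AP[4\PZX54(P^)7CC)7}$"
         + "EICAR-STANDARD-ANTIVIRUS-TEST-FILE!$H+H*").encode("ascii")


def classify(path, expected):
    """Report what happened to a file that was supposed to hold `expected`."""
    try:
        with open(path, "rb") as fh:
            data = fh.read()
    except FileNotFoundError:
        return "removed"        # deleted or quarantined by the scanner
    except OSError:
        return "blocked"        # still present, but access is denied
    return "not_detected" if data == expected else "modified"


def probe(payload=EICAR, wait=5.0, directory=None):
    """Write `payload` to a temp file, give the scanner `wait` seconds, classify."""
    fd, path = tempfile.mkstemp(suffix=".com", dir=directory)
    try:
        try:
            with os.fdopen(fd, "wb") as fh:
                fh.write(payload)
        except OSError:
            return "blocked"    # the write itself was refused
        time.sleep(wait)
        return classify(path, payload)
    finally:
        try:
            os.remove(path)     # clean up if the scanner left the file behind
        except OSError:
            pass


if __name__ == "__main__":
    verdict = probe()
    print("EICAR on-access test:", verdict)
    if verdict == "not_detected":
        print("Real-time protection did not react; check that it is enabled and up to date.")
```

A verdict of `removed`, `blocked` or `modified` means the scanner reacted; `not_detected` is the outcome that calls for checking the antivirus configuration and updates.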
There are experts who may tell you that if you care about and maintain your computer’s in-built firewall, there is probably no need for additional antivirus software. To understand this in perspective, think of an electric fence to fortify your residential compound and then the security system on the door to your house. Any intruder has to first cross the electric fence to even reach the door. A firewall is quite akin to the fencing that has the added electrification to stop the intruder; and the antivirus software is like fortifying the door. The firewall can stop the hacker while trying to carry out a break-in.
In real-life situations though, many users either don't care much about the firewall or fiddle with its settings, leading to certain vulnerabilities your computer can do without. But there is a way to test this as well. Pundits would tell you to hire an ethical hacker, who will, with your express permission, try to break in to your system. If the attempt is successful, then the firewall is vulnerable; if not, you can feel safer. But many users are not happy doing this.
The alternative is to invest in a firewall vulnerability scanner. It is made available as a comprehensive package and can perform a thorough diagnosis to tell you what ails the security of your computer. It goes on to give suggestions to improve the security environment too.
It is to be noted that, more than standalone systems, computers in a business organization are found to be reporting these firewall inadequacies. This may be due to the staff tinkering with the settings to download certain programs. If you are buying a firewall scanner for your organization, choose a product that can be scaled up later as your network grows.
Audit the Internal Permissions for Data Access
Staying with the computer networks in medium to large sized organizations, where security issues crop up more often, there is a chance that employees from within the setup can launch an insider attack. This is not being stated out of any guesswork or estimation, but after reports have confirmed the reality of the problem.
In every organization, there are disgruntled elements who plan to cause damage to the firm, and one way of doing it is to steal critical data. This data is usually stored in folders within the network which cannot be accessed by everyone in the organization unless they have the permission from the network administrator. The slip occurs when there is no systematic method of checking who exactly has the permissions to access the company’s important data.
Again, there are software solutions which, when installed, leave nothing to human frailty and do everything automatically. They scan the network for the existing permissions and give you a report, so that you can take a call on withdrawing the permissions from those who you feel cannot be trusted.
Choose the best one out there after a simple due diligence process.
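To show what such a permissions report contains, here is an added example (not from the original article and not any vendor's product) that walks a folder of sensitive data on a POSIX file server and lists every entry that is reachable by accounts other than its owner. The function name, the `allowed_gids` parameter and the sample folder are assumptions; Windows shares use ACLs and need different tooling.

```python
import os
import stat
import tempfile


def audit_tree(root, allowed_gids=frozenset()):
    """Return (path, finding) pairs for entries reachable beyond their owner."""
    findings = []
    for dirpath, dirnames, filenames in os.walk(root):
        for name in dirnames + filenames:
            path = os.path.join(dirpath, name)
            st = os.lstat(path)
            if stat.S_ISLNK(st.st_mode):
                continue  # a link's own mode bits say nothing about access
            mode = stat.S_IMODE(st.st_mode)
            # "Other" bits grant access to every account on the server.
            if mode & stat.S_IWOTH:
                findings.append((path, "world-writable"))
            elif mode & stat.S_IROTH:
                findings.append((path, "world-readable"))
            # Group bits are fine only for groups the administrator approved.
            if mode & (stat.S_IRGRP | stat.S_IWGRP) and st.st_gid not in allowed_gids:
                findings.append((path, f"group {st.st_gid} has access"))
    return findings


if __name__ == "__main__":
    # Constructed sample folder: one private file, one over-shared file.
    root = tempfile.mkdtemp()
    for name, mode in (("payroll.csv", 0o600), ("contracts.csv", 0o644)):
        path = os.path.join(root, name)
        open(path, "w").close()
        os.chmod(path, mode)
    for path, finding in audit_tree(root):
        print(f"{finding:24} {path}")
```

Each line of the report is a permission to review and, where the access is not justified, to withdraw.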
No computer system or network’s security can be left to sheer chance. There are many ways one can ensure that the system or network stays protected. But each of these steps should be backed by the kinds of tests and checks described here to ensure that the security provided is indeed doing its work.
Most of all, there is the need to be aware of the risks involved in not taking these steps to prevent data breaches. With every passing day, more dangerous malware is being developed and deployed to strike at computer networks to steal data or precipitate other types of cyberattacks.
Gear yourself up to the challenge.