Runbook/Playbook Part 3

Question 3

The scenario involved the notorious Win32/Virut malware, which wreaked havoc on one machine in the company (Microsoft). The malware was detected and stopped before it spread to any other computer on the network. It operates by modifying the software executables on the computer: it targets every executable that is opened and writes its code into it, introducing a backdoor that allows hackers to access the system from remote servers. The malware is introduced when an infected executable is run on the machine. Once it has been installed along with the innocent-looking software, it copies itself to every other executable as soon as that executable is opened, meaning that it does not spread if no executable file is run. This, in turn, means that any software that has not yet been run is safe.

Upon realizing the corruption, which happened when an online scan using ESET antivirus was conducted, every executable was closed down (ESET). This allowed the antivirus to effectively isolate and list every affected executable. The scan showed that 7 executables had already been affected, and these were immediately quarantined. The affected software included Office Word and operating system executables. To effectively deal with the threat, I restored the quarantined files so that I could cleanly uninstall the software. After the uninstallation, the online scan was run again, since it was not vulnerable to infection through the executable corruption. This time, every identified threat was removed, and an operating system disc was used to repair the corrupted operating system files. Finally, the ESET antivirus was installed so that such threats can be prevented before they happen, reducing the extent of the damage. The affected software was then reinstalled, and the system was scanned with the offline antivirus and scheduled to scan automatically every day (Koret and Bachaalany).

 

Employees must be guided not to share the following information online:

· Usernames

· Office address

· Their medical history and records

· Their work experiences

· The places they have lived in

· Family members’ identities

· Dates of birth

· Personal information regarding bank detail or similar data (Norton).

If employees put this data online, their personal information can be misused, and the consequences can be severe.

Employees also need to be trained to interact securely while they use the internet. They must take care of confidential information when sharing it in an email, because if the emails are not protected, company data may be at high risk. If they have to share any document or attachment with the management, they need to set a special code or a password to safeguard the sensitive and confidential information. Employees need to change their passwords frequently, because passwords kept the same for long periods can be misused and easily hacked. While interacting online, they should not download programs or install unnecessary and untrusted applications, because these can be a serious threat to their devices and put the data kept on those devices at stake. They must create passwords that mix numbers and text to strengthen security. When it comes to emails, they should not download any emails from unknown sources and must not click on unknown links, because these may cause a security incident. A safe browser must be used, and the antivirus should be kept updated (Kaspersky).

For enhanced email security, employees must set up separate email accounts for official use, and the passwords for these accounts must be complex and regularly updated. Large or unnecessary attachments should not be downloaded, because they may contain malware. Employees must know the security features of their email. Using public Wi-Fi to send and receive emails is not recommended, because there is a high risk of data being stolen on public Wi-Fi. Attachments that are of no use must be blocked. If an email has too many recipients, it should also be blocked. In short, email communication must be protected (Tolly).

The following is the list of items that company employees should never share on social media:

· Unauthentic statements that represent the company

· Statements about intellectual property rights

· Any confidential information

· Statements made without proper knowledge

· Negative comments about competitors

· Anything controversial

· Details about job roles

· Office stories

· Any accounts information

· Hateful comments about other people (Workable).

 

Works Cited

ESET. Free Virus Scan | Online Virus Scan from ESET. 2018. Web. 19 June 2018. <https://www.eset.com/us/home/online-scanner/>.

Kaspersky. Top 10 Internet Safety Rules & What Not to Do Online. n.d. <https://usa.kaspersky.com/resource-center/preemptive-safety/top-10-internet-safety-rules-and-what-not-to-do-online>. 30 August 2019.

Koret, Joxean and Elias Bachaalany. The Antivirus Hacker’s Handbook. 1st. Hoboken: Wiley, 2015. Print.

Microsoft. Virus: Win32/Virut.BN. 15 September 2017. Web. 19 June 2018. <https://www.microsoft.com/en-us/wdsi/threats/malware-encyclopedia-description?Name=Virus:Win32/Virut.BN>.

Norton. What personal information should you safeguard? n.d. <https://us.norton.com/internetsecurity-privacy-what-personal-information-should-you-safeguard.html>. 30 August 2019.

Tolly, Kevin. Implementing the top 6 email security best practices for employees. 26 April 2019. <https://searchsecurity.techtarget.com/tip/Implementing-the-top-6-email-security-best-practices-for-employees>. 30 August 2019.

Workable. Employee social media policy sample. n.d. <https://resources.workable.com/social-media-company-policy#>. 30 August 2019.
