Sophos suggests New Year's resolutions for system administrators

January 02, 2002 Sophos Press Release

Sophos wishes all its customers a happy new year, and to reduce the risk of virus attack in 2002 recommends businesses consider the following suggestions:

  1. Subscribe to Sophos's email notification list for information about new viruses discovered in the wild. You will be emailed with details of how to protect yourself against the latest threats as they emerge.

  2. Subscribe to Microsoft's security bulletin mailing list. As security vulnerabilities and loopholes are found in Microsoft applications and operating systems you will be informed of how best to protect your company against them. Viruses which have exploited loopholes in Microsoft software in the past include VBS/Kakworm, Code Red and Nimda. It is important that these patches are applied by your organisation across all vulnerable computers.

  3. Block dangerous file types at your email gateway from entering your organisation. Few companies will have a legitimate need for file types such as VBS, EXE, SHS etc to be emailed into their company from the outside world. Blocking them at the gateway can help prevent infection from future viruses as well as many existing viruses. Stopping files with more than one extension (for instance, LOVE-LETTER-FOR-YOU.TXT.VBS or ANNAKOURNIKOVA.JPG.VBS) from entering your company may also be a good idea. More details on this and other safe computing tips can be found in Guidelines for safer computing.

  4. Raise awareness of the virus threat amongst your users, and educate staff to be suspicious of unsolicited email attachments, even if they appear to come from a friend or colleague. If you receive an email written in an unusual way, or containing a file type you do not regularly exchange, then your staff should be suspicious and be wary of double-clicking on it.

Sophos provides a number of resources to aid system administrators who wish to educate their users about the virus threat, including the Sophos virus information feed and the book Computer viruses demystified1.

1Computer viruses demystified was renamed Viruses and spam: what you need to know in 2004 when the book was updated and expanded to include information on spam, mobile phone threats, phishing and spyware.