Top tips
Among other trends observed were the shift from operating systems to applications as the focus of malware writer's attentions. 90 percent of the vulnerabilities noted the second half of 2008 affected applications rather than OSs.
It will come as no surprise to the British public sector that the biggest cause of security breaches remains lost and stolen equipment. Apparently that was the cause of half of all reported security breaches resulting in data loss.
Here are some Microsoft top tips for best security practice:
- Configure computers to use Microsoft Update instead of Windows Update; this will ensure the receipt of security updates for Microsoft Office and other Microsoft applications, as well as security updates for Microsoft Windows operating systems. More information on how to do this is available at http://support.microsoft.com/kb/311047.
- Make sure that updates also are enabled when possible for third-party applications.
- Use an anti-malware product from a known, trusted source, and keep it updated. Be cautious not to follow advertisements for unknown software that appears to provide protection (rogue security software).
- Avoid opening attachments or clicking on links to documents in e-mail or instant messages that are received unexpectedly or from an unknown source.
- Enterprise customers should ensure that policies are in place to help secure all file shares and regulate the use of removable media.
- Enterprise customers should use the Microsoft Security Assessment Tool (MSAT), available at http://technet.microsoft.com/en-us/security/cc185712.aspx, to help assess weaknesses in their IT security environment and build a plan to address the risks.
- Enterprise customers should help control the use of remote management software.