Reprinted with permission © 2008 TreeTop Technologies
Malware, from the merely annoying to truly devastating, is clearly here to stay. For the most part, the development of anti-malware is mostly reactive and rarely proactive as new threats emerge. So, the best thing an IT security manager can do is make sure all the anti-malware is kept fanatically up-to-date. For that reason, it is often times better to have an anti-malware service that is managed remotely by a third party. As much as it may feel better to have total control, not all IT departments have the time to do all the updates needed.
On the proactive front, it may be worth looking into are next-gen applications that don’t simply use whitelisting and blacklisting tactics. You can find some apps, for example, that can apply unique cryptographic identities to the various individual systems in the company, which will theoretically make each of the systems distinct and secure from the others.
This makes it far more difficult for malicious code to compromise the host system and contains the spread to other systems.
Action Item:
Footnotes: From "View from the TreeTop" Volume 2 Issue 8 August 2008