Top 10 Most Common Malware - How to Avoid Them

(1)

IT Health Check

(508) 756‐9300 | [email protected]

My Company

February 18t h_, 2015 Health check performed by: Jeremy Arndt

OVERALL SCORE

Users

3 Servers

1 Network

2 Backups

1 E‐mail

1 Antivirus

2 _High Risk

_Medium Risk

_Low Risk

10

(2)

IT Health Check

Inventory

End User Devices:

Total Count ‐ 23

Servers:

Name Make Model Operating System P/V Total Used Space SRV‐DC‐01 Dell 2900 Server 2003 Physical C:\ ‐ 100GB, D:\ ‐ 200GB

Network:

Make Model Managed Has IP Address

HP ProCurve 2910 No Yes

Linksys WRT54G (Wireless) No Yes

Dell SonicWall TZ‐105 No Yes

Backup:

Software and Version Destination Media Offsite

Symantec BackupExec 2010R3 Tape Drive When they remember to pull tapes

E‐mail:

Number of mailboxes – 25

Technology Hosted Encryption/Archiving

Exchange 2007 No No

(no antispam)

Antivirus:

(3)

IT Health Check

Other Devices:

Toshiba Phone System MyDVR Video Recording Synology NAS Verizon FiOS ISP WinDSX Card Access System

Users:

Category: Workstation Operating Systems Description: Microsoft Windows XP is end‐of‐life and no longer receives security updates. This can put your organization at high risk for vulnerabilities from outside sources. Detected Severity: LOW Findings: There were no instances of Windows XP in the organization Category: Workstation Hardware Age Description: As a computer gets older it is at an increased risk for hardware failure and performance degradation. This can reduced productivity and downtime for end‐users. Detected Severity: LOW Findings: All end‐user computers were approximately 2 years old or newer which is not considered at risk. Category: Workstation Administrative Access Description: Non‐IT users with administrative access have a higher risk for viruses, malware and bloatware. Most malware uses the credentials of the infected user. Without administrative access, most malware cannot install itself. Detected Severity: LOW Findings: No end‐users have administrative access

(4)

IT Health Check

Servers

Category: Server Operating Systems Description: Microsoft Windows Server 2003 is end‐of‐life and no longer receives security updates. This can put your organization at high risk for vulnerabilities from outside sources. Detected Severity: HIGH Findings: SRV‐DC‐01 is running Microsoft Windows Server 2003. Recommend to upgrade to Microsoft Windows Server 2012 R2. Category: Server Hardware Age Description: As a computer gets older it is at an increased risk for hardware failure and performance degradation. If a server crashes it can potentially cause downtime for the entire organization. Detected Severity: HIGH Findings: SRV‐DC‐01 is a Dell 2900 which is approximately 7 years old. It is no longer under an active hardware support contract. Recommend to replace with a new server. Category: Server Resource Utilization Description: If a server’s CPU or Memory is constantly over 75% usage, this can indicate an undersized server. The results can range from slow application performance to a full system crash. Detected Severity: LOW Findings: CPU and Memory are in an acceptable range.

(5)

IT Health Check

Network

Category: Network Hardware Age Description: As a device gets older it is at an increased risk for hardware failure and performance degradation. Network device failures almost always cause downtime for large amounts of users within an organization. Detected Severity: Medium Findings: HP ProCurve and Dell SonicWall are newer devices. Linksys wireless is very old. Recommend replacing Linksys wireless. Category: Network Location Serviceability Description: When wiring is tangled and disorganized it increases the total time to troubleshoot, replace or upgrade equipment. Detected Severity: Medium Findings: Wiring is mostly neat but a couple cables are potentially blocking access to remove the server if necessary. Recommend downtime and appropriate length cables to re‐cable without obstructing access to the server. Category: Network Feature sets Description: Low‐end equipment often lacks features, which prevent the ability to monitor or manage the device. Without monitoring all responses are reactive instead of proactive and can delay overall time to resolve issues. Detected Severity: Low Findings: HP ProCurve and Dell SonicWall are enterprise class and manageable. Linksys wireless is consumer‐grade and unsuitable for corporate environment. Recommend replacing Linksys.

(6)

IT Health Check

Backup

Category: Time to Restore Backup Description: If a server needs to be restored from backup, the process can be excessively long. During this period of restore time, end users are unable to receive whichever services were provided by that server. Detected Severity: High Findings: My Company currently backs up data to a tape drive. This has one of the longest restore times of any backup media. Recommend replacing with managed backup. Category: Backup Functionality Description: Many companies do not actively check their backups for failures, or know what they are backing up. If data needed to be restored, and there are no backups, this data is not recoverable. Detected Severity: High Findings: Backups have been failing for at least 2 months. Recommend replacing with managed backup. Category: Backups Offsite Description: If all on premise equipment is damaged or destroyed, such as a fire or natural disaster, and no backup of the data is located offsite, the company may face penalties, fines, lawsuits, or simply be unable to function. Detected Severity: High Findings: My Company only occasionally takes tapes offsite to IT manager’s house. Recommend replacing with managed backup.

(7)

IT Health Check

E‐mail

Category: E‐mail Platform/Features Description: E‐mail integrates into a multitude of different technologies including line‐ of‐business applications and other inter‐office communication tools. Older platforms may not integrate and may prevent productivity. Detected Severity: Medium Findings: My Company is running Exchange 2007 which is the oldest supported version of e‐mail from Microsoft. Recommend migrating to newer platform sooner than later. End of life is April 11, 2017. Category: E‐mail Redundancy Description: Many companies consider e‐mail to be the primary means of communication. Without e‐mail there is possible loss of revenue and productivity. Detected Severity: High Findings: My company feels e‐mail is a critical service. Current deployment is on an end‐of‐life server for hardware and operating system. Recommend migrating to hosted exchange. Category: E‐mail Spam filter Description: Spam e‐mails are both a productivity loss, when spending time to try identify real messages, and a security threat in the form of phishing scams and potentially dangerous links or attachments containing malware. Detected Severity: Medium Findings: My Company has no antispam solution. Recommend migrating to hosted exchange which includes antispam.

(8)

IT Health Check

Antivirus

Category: Antivirus Platform Description: Viruses and malware are security threats and cause productivity loss. Without a centralized platform to manage, monitor and update anti‐virus in the organization a company is at a greater threat to infections from malware. Detected Severity: Medium Findings: My Company is running the latest version of Symantec Antivirus and because of policies on the server, all clients are up‐to‐date, however no one is managing this platform. Recommend migrating to a managed anti‐virus solution.