What’s To Be Done?
At first glance, it might seem that the only way to avoid the security risks and threats prevalent in today’s interconnected world is to avoid using the Internet, to never download any content, and to never read active-content email messages. However, this is not practical in the business world. A number of steps should be taken to reduce the risks to an organization:
Install detection and protection software—With the number of security risks and threats constantly expanding, all computers should have software installed to provide real-time detection and protection against identified security risks and threats.
Perform regular software maintenance—Regularly review and apply new updates, service packs, and hot fixes to the applications and operating system on computers to provide the best possible protection.
Secure browser settings—Ensure that Web browser security settings are set to the highest level that still allows proper operation.
Educate Users—Ensure end users are aware of the dangers of downloading content from unknown sources and opening attachments from unknown Senders. Inform staff to carefully read all "terms of service" agreements, and never select buttons on pop-up.