Protecting Your Practice PCs
It is always a difficult balance in the office to balance your need to protect your computers from viruses and to enable your Users to do their jobs. You have your office and the network all set up and it is all going fine and then disaster strikes. The PCs won’t work and are helpfully emailing your clients a virus.
You need to be aware of the different threats that your office PCs face:
- Physical threats
- Internet threats
- Email threats
These are things such as your secretary bringing in her photos from her holiday to share with her friends. In she comes all glowing from the break and plugs in her USB stick. Sadly her PC at home has a virus and now so do you!
In addition to having an office policy, practically how can you prevent this happening?
FREE monthly newsletter
Wills | Probate | Trusts | Tax | Elderly & Vulnerable Client
- Relevant learning and development opportunities
- News, articles and LawSkills’ services
- Communications which help you find appropriate training in your area
- Lock all the PC USB and CD drives so they cannot be used. On Windows you can do this using the local policy editor or if you run in a domain the group policy editor. Before doing this I would consider whether the security benefits outweigh the inconvenience to users.
- Only allow in “Media” that has been checked by either you or your IT department. This can be very difficult to enforce – how would you know a user has not bypassed the IT department.
- You or your IT department check this “media” for viruses, Trojans, spyware and only if they pass those checks do you allow this to be used on your PC. If the media is connected to another PC then it has to be scanned again. One way of making this less of an inconvenience and ensuring it happens is to set up the antivirus software on the PC to automatically scan external media. Most good antivirus software has this sort of setting.
While you are reading something on an innocent looking website the site is busy downloading a virus, Trojan or spyware. Gradually your PC gets slower and slower and you have no idea why. The chances are that you have some form of “malware” and it is damaging your PC and those networked to it. So how can you protect yourself?-
- Buy and install a suitable antispyware and anti-virus software from a reputable company. With Windows 8 you can use the built in Defender software which is very effective.
- Ensure real-time scanning/protection is turned on. Don’t just rely on users doing regular scans.
- Keep that anti-virus software up to date. In the case of Windows 8 make sure automatic updates are turned on.
- Generally with Windows ensure auto-update is turned on for security updates.
- Do not accept some “free“offer of a virus check from a web site as it is likely to install a virus. These can be incredibly difficult to remove as you have given the site care-blanche to change your machine.
- Be extremely cautious about downloading from sites. Ensure that you virus check anything before allowing it onto your machine.
- Some viruses will actually turn off your anti-malware, spy on every keystroke and report what you do online.
- Turn on Smart-Screen in Internet Explorer – this will notify you of potentially dodgy sites and has a minimal effect on performance.
- Set up a firewall and only allow known programs access out from your machines. You may for example only allow your email client and Internet Explorer to access the internet. This will mean if you do manage to install malware it won’t be able to send anything out of your machine (Note if you have given a web-site permission to access your PC as in (d) above then that web-site may be able to turn off your firewall)
So you think that your work colleague has just emailed you a funny photo and you click to open this. You know her so it is safe-right? Sadly not, you could be very wrong and have just downloaded a virus. What about the hilarious emails you get from your IT department telling you your email box is full and click here. Read carefully – this does not come from the IT department but someone trying to get your login details. Always check the real email address of the sender – if it is not really from your IT department don’t open it.
Be really careful with mail purporting to be from banks or financial institution especially if they are asking you for account details. As a rule Banks will never ask for account details in an email instead it is probably some rogue trying to get your money. This technique known as phishing is on the rise and is getting very sophisticated. Be really careful when odd requests for information come from people you know – hackers are now using infected PC’s to access user’s contact lists and send out emails. Always check the request is genuine.
Internet Explorer’s Smart-Screen can help here as it will block access to known phishing sites.
The main thing to realise is with a little care you can protect yourself against most computer threats – as they used to say in a famous TV programme ’Just be careful out there.’
The LawSkills Monthly Digest
Subscribe to our comprehensive Monthly Digest for insightful feedback on Wills, Probate, Trusts, Tax and Elderly & Vulnerable client matters
Not complicated to read | Requires no internet searching | Simply an informative pdf emailed to your inbox including practice points & tips
Subscribe now for monthly insightful feedback on key issues.
All for only £120 + VAT per year
(£97.50 for 10+)