Judul by jizhen1947


									Matakuliah   :A0334/Pengendalian Lingkungan Online
Tahun        : 2005
Versi        : 1/1

                  Pertemuan 10
               Software Protection

         Learning Outcomes

Pada akhir pertemuan ini, diharapkan mahasiswa
akan mampu :
• Mahasiswa dapat menyatakan Software

             Outline Materi

• Virus Attack
  – The Nature of The Virus Threat
     • Damage to Data
     • Clean-Up costs
     • Spreading The Infection
  – Protecting Against Viruses
     • Anti-Virus Software
     • Policy Solutions
     • System Procedures
  – Appropriate Responses
  – Conclusions
            Virus Attack

• As too many organisations are aware,virus
  infections can be both destructive and far-
  reaching. Nowadays it would be difficult to
  find a company whose everyday routine
  does not rely upon the smooth running of
  its IT infrastructure. It is therefore easy to
  see why a rather unpleasant can of worms
  is opened when that is compromised.

  The Nature of The Virus Threat

• Damage to Data
• Clean-Up costs
• Spreading The Infection

          Damage to Data

• One of the most talked about effects of a
  virus attack is the damage it can do to a
  company’s data. Many viruses are
  capable of wiping hard disks or corrupting
  the records held on a machine.

           Clean-Up Costs

• Deciphering how much it costs an
  organisation to reinstate lost data or to
  negate corruptions made by malicious
  code is an almost impossible task and
  depends greatly on the specifics on the
  virus in question.

        Spreading The Infection

• There are some viruses, such as Melissa and
  Sircam, that are capable of randomly selecting
  documents from an infected PC and distributing
  them to the contacts listed in an infected user’s
  address book. The virus will not search for any
  document in particular – whether it happens
  upon your latest financial projections or your
  plans to merge with another company is really
  left to chance. The likelihood, though, is that if it
  is a document of that nature, there are certain
  people (quite possibly in your email contact list)
  whom you wouldn’t want to see it.
  Protecting Against Viruses

• However, it is not all doom and gloom.

         Anti-Virus Software

• Probably the most obvious step to take is
  to install a reliable anti-virus solution that
  is updated regularly. Most anti-virus
  solutions are able to detect the majority of
  viruses; but the speed with which updates
  to protect against the latest viruses are
  delivered differs somewhat. Most vendors
  offer automated updating over the Internet
  but customers should check out exactly
  how often they will updated.

           Policy Solutions

• Apart from the software there are other
  measures a company can take to protect itself
  against malicious code. One of these is to
  develop a safe computing policy whereby
  employees are informed of how to use their
  machines safely. Educating users about
  possible threats should begin at company
  induction stage so that members of staff know
  what is expected of them from the outset.
• A safe computing policy should include points
  such as not opening unexpected emails and not
  downloading material from the Internet.
• In addition, no files with double extensions
  should be executed. There are very few
  occasions when such a file would be
  legitimately required and the vast majority
  of them should be treated with suspicion.
  The simplest thing to do is to ask the
  sender to re-send the file with the correct

• Another measure to include within such a
  policy is the saving of Word documents as
  rich text format (.rtf) instead of as
  documents (.doc). Docs support the
  macro language, which allows macro
  viruses to run – it is far more difficult to
  infect an .rtf file. Users should also be
  instructed not to open or forward joke,
  movie or graphics files.

          System Procedures

• Network administrators should also employ
  measures such as disabling Windows Scripting
  Host, changing the CMOS boot-up sequence
  and blocking certain file-types at the email
  gateway. Some vendors include technology
  within their products that allows IT managers to
  prevent certain files from ever entering an
  organisation – this is certainly something to look
  out for when purchasing an anti-virus solution. A
  full list of safe computing procedures that would
  form a good basis for such a policy can be found
  at www.sophos.com/safe-computing.
      Appropriate Responses

• Another important issue for organisations
  to consider once a safe computing policy
  is in place is what to do should an
  employee contradict the guidelines and
  allow a virus to penetrate the company


• Anti-virus protection in today’s climate demands
  a multi-faceted approach. Gone are the days
  when simply installing the software was enough.
  That software needs to be maintained
  constantly, by vendor and customer, to ensure
  that it detects the maximum number of viruses.
  In addition to the software, all users within an
  organisation should be taught how to use their
  computers safely.
• Despite the horror stories of what viruses can
  do, it is worth remembering that it is possible to
  mount a comprehensive defence. Most virus
  incidents con be avoided relatively easily.
The End


To top