Register

Forgot Password

Site FAQ

Home > IT Answers > Security > virus malware spyware

M2008

5 pts.

virus malware spyware

Information security governance, malware, Risk analysis, Risk assessment, Security threats, Spyware, Viruses

I want to how to conduct a risk assessment to protect our pcs, networks

Software/Hardware used:

ASKED: June 26, 2008 7:24 AM

UPDATED: January 30, 2012 8:31 AM

RELATED QUESTIONS

Answer Wiki:

Check out these <a href="http://searchsecurity.techtarget.com/search/1,293876,sid14,00.html?query=risk+assessment&x=0&y=0">search results</a> from SearchSecurity.com. ----------- Conducting risk assessment could not be predicted right away. This is because virus or any other malware programs could attack anytime with a single click or press of your keyboard. The most important thing you have to consider is to make sure that you have the latest antivirus software in a full license and constantly scan your computer system for possible threats. ============= The best factors you have to consider in your risk assessment procedure for the effective protection of your computer are the following. -Antivirus Software -Firewall -Operating System Updates -Restrictions

Last Wiki Answer Submitted: January 30, 2012 8:31 am by Markempee

2,130 pts.

All Answer Wiki Contributors: Markempee

2,130 pts. , Labnuke99

32,645 pts.

To see all answers submitted to the Answer Wiki: View Answer History.

RSS - Discussions Help

Discuss This Question:

_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

POSTED: Jun 26, 2008 4:15 PM (GMT)

Before you get too far, I’d ask management (assuming that they asked you to do this), what sorts of risks they are looking for. Here are some basic areas – each of those divides into many more.

1) Physical – Dust, dirt, lack of cooling, dirty electricity, safety of equipment and personnel
2) Unpatched (and therefore vulnerable) workstations and servers, Event logs checks for important problems – disk failure, time synch errors, file system integrity.
3) Poor security configurations (no controls on passwords, file sharing, wide-open firewall, etc.)
4) Poor security awareness on the part of staff – i.e. has everyone been trained on what’s good and bad?
5) State of cleanliness/infection from a virus and spyware point of view.

Also – check out the SANS reading room at http://www.sans.org. Lots of good material there too.

Bob

Bobkberg

1,070 pts.

POSTED: Aug 7, 2008 2:47 PM (GMT)

Try to classify the data you would like to assess. With your classification as a basis, you know which data is vital for your organisation, and needs to be well protected and which data is more or less public.

Classification in ITIL terms are confidentiality, integrity and availability. Re your local legislation, confidentiality refers to any privacy legislation local or, if applicable, European Union acts. With integrity you ensure the completeness and timelyness of your data and availability has to do with the continuity of your data.

Let me know if there is anything I can help you with.

Paolaas

10 pts.

Ask a Question

Browse IT Answers by Topic

>>VIEW ALL TAGS

Community Blog | About Us | Contact Us | FAQ | Terms of Use | DMCA Policy

TechTarget provides enterprise IT professionals with the information they need to perform their jobs - from developing strategy, to making cost-effective IT purchase decisions and managing their organization's IT projects - with its network of technology-specific Web sites, events and magazines.
All Rights Reserved, Copyright 1999-2013, TechTarget | Read our Privacy Policy
Questions and Answers Index 1 | Questions and Answers Index 2 | IT Topics Index 1 | IT Topics Index 2 | Blogs Index | Blogs Tags