What Can We Learn From Race Cars?
In the racing business, there is an old saying that “To finish first, one must first finish!” Trying to go as fast as you can, all the time, is in fact, not the best way to finish a race in first place. More often than not, all it does is get you in the middle of a wreck. (I used to be the Chief Driving Instructor at a Rally School, so I have some experience with this…)
Indeed, the more experienced and talented the driver, the more often their coach will advise them to slow down, to give them time to better plan their next move. In other words, if you can drive at 99.9% one hundred percent of the time, you’ll be both safe and fast. And when something does go awry and you need to drive at 110% for a bit, you’ll have the margin and composure to do so.
Drive Encryption Malware Strikes Again
You may have seen a recent Ars Technica article in which a senior Symantec executive admits that anti-virus software catches less than half of all malware (here’s the full URL: http://arstechnica.com/security/2014/05/antivurus-pioneer-symantec-declares-av-dead-and-doomed-to-failure/). Not surprisingly, not a month goes by that we don’t hear about some poor end user clicking on a link in an email and inadvertently launching some drive encryption malware requiring their workstation to be rebuilt from scratch. (It gets worse when the drives encrypted are the company network drives, and whole servers have to be rebuilt and restored…)
So how can we apply how to go fast in racing to malware protection?
It’s simple: Slow Down! Slow down how fast you skim through email. Take a breath before you click on a link. Know where your mouse cursor is, in what application before you hit the Enter key. Don’t be the cause of a malware wreck!
The Most Effective Anti-Malware Tool? Training!
In our experience, end-user training is the most effective malware detection tool. With the benefit of hindsight, most malware delivered via email links does look suspicious, but only after you take that extra split-second to look at it. Often there is a typo, a graphic that doesn’t look quite right or some other attribute that appears out of place in an email purportedly from the Post Office telling you about a failed package delivery attempt.
Sure, at Reliable Networks we are fussy about security and do things like block executable attachments and have multiple vendors’ products scanning our email stream (inbound and outbound BTW…) but these URL links delivering malware are quite clever, insipid, and frankly, the bad guys are way ahead of the good guys who sell anti-virus/anti-malware detection solutions.
But at the end of the day, we recommend our users slow down — just a little — and take advantage of our uniquely human ability to sense when things are not quite right.
Now, we are of course not suggesting you abandon the usual protections. Indeed, we like a multi-vendor approach because when new exploits are discovered, different vendors release updates at different times, and just a few minutes can make a difference. So even though it costs more, it’s fairly cheap “insurance”.
And if you’d like to schedule some end-user training with us, we’d be happy to oblige. Just give us a call at (207) 772-5678.
L. Mark Stone
General Manager, Managed and Private/Hybrid Cloud Services
A Division of OTT Communications
The information provided in this blog is intended for informational and educational purposes only. The views expressed herein are those of Mr. Stone and do not necessarily reflect those of Reliable Networks, OTT Communications or Otelco Inc. The contents of this site are not intended as advice for any purpose and are subject to change without notice. We make no warranties of any kind regarding the accuracy or completeness of any information on this site, and we make no representations regarding whether such information is up-to-date or applicable to any particular situation. All copyrights are reserved by Mr. Stone. Any portion of the material on this site may be used for personal or educational purposes provided appropriate attribution is given to Mr. Stone and this blog.