RealNews

Don’t bother to quarantine

They may be infectious, but you shouldn’t bother to quarantine virus-laden files. In his enterprise anti-virus review, Dan Morton mentions that the Symantec solution does not include the software needed to quarantine a virus found entering your enterprise. The software has the capability of repairing a virus, and it can delete files containing a virus — but that’s it. The quarantine function resides on a separate server that stores virus-laden files until you decide what to do with them. The software for that quarantine server is optional. The idea behind quarantined files comes from the early days of personal computers when viruses were also new, and it wasn’t always clear how to repair them. So you’d stash a potential virus into a special place where normal users couldn’t gain access, and store it until a method of recovering the file might be found. Things have changed. AV (anti-virus) software has dramatically improved, and AV vendors can come up with solutions to the virus du jour in minutes or hours rather than days. Virus writers have become prolific indeed, and they have begun using worms or spam to spread their malicious creations. Having a virus sent to you, finding one on a Web site, or loading one from a hand-carried disk is now more than just commonplace — it happens several times a day. Full Story

OODA Analyst

OODA Analyst

OODA is comprised of a unique team of international experts capable of providing advanced intelligence and analysis, strategy and planning support, risk and threat management, training, decision support, crisis response, and security services to global corporations and governments.