I came across an interesting security piece on Symantec's Web site titled "antivirus software and the illusion of protection." Ever had users who get infected with malware despite having good antivirus software installed? Well, the article draws attention to the common attack vectors that hackers use to breach systems, and to how systems can end up hacked despite the presence of security software.
While there is nothing really new or revolutionary in the security practices suggested by Symantec, they are nevertheless important points that bear reiterating.
Updating one's operating system with the latest system patches is pretty self-explanatory. As I've constantly emphasized in the past, the current generation of antivirus software depends heavily on virus definitions to identify malware. As such, it is imperative that definition updates are always downloaded and installed as soon as possible, and that any problem with updating definitions is attended to just as promptly.
In fact, persistent problems with updating to a new virus definition could well indicate the existence of a malware infestation.
Symantec also recommends that the Autorun feature be disabled so that an infected flash drive does not inadvertently set off a malware outbreak on the corporate network. On this, I would like to point out that the Windows 7 operating system already disables the problematic Autorun feature on media other than CD/DVD.
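One way to check whether Autorun is actually disabled on a Windows machine, as an added example that is not from the Symantec article. It reads Microsoft's `NoDriveTypeAutoRun` policy value, which the article does not name; the function names are hypothetical and the sample masks at the end are constructed.

```powershell
# Added example. Bit meanings follow Microsoft's documentation for the
# NoDriveTypeAutoRun policy value: a SET bit DISABLES Autorun for that drive type.
$DriveTypeBits = @{
    0x01 = 'Unknown type'
    0x04 = 'Removable (USB flash drive)'
    0x08 = 'Fixed disk'
    0x10 = 'Network drive'
    0x20 = 'CD/DVD'
    0x40 = 'RAM disk'
    0x80 = 'Unknown type (reserved)'
}

function ConvertFrom-AutoRunMask {
    # Hypothetical helper: decode the bitmask into one row per drive type.
    param([Parameter(Mandatory)][int]$Mask)
    foreach ($bit in ($DriveTypeBits.Keys | Sort-Object)) {
        [pscustomobject]@{
            DriveType       = $DriveTypeBits[$bit]
            AutoRunDisabled = ($Mask -band $bit) -ne 0
        }
    }
}

function Get-AutoRunPolicy {
    # Hypothetical helper: report the policy for the machine and current user.
    foreach ($hive in 'HKLM:', 'HKCU:') {
        $key  = "$hive\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer"
        $prop = Get-ItemProperty -Path $key -Name NoDriveTypeAutoRun -ErrorAction SilentlyContinue
        if ($null -eq $prop) {
            [pscustomobject]@{ Hive = $hive; Mask = 'not set (OS default applies)'; StillEnabledFor = $null }
            continue
        }
        $raw = $prop.NoDriveTypeAutoRun
        # The value can be stored as REG_BINARY; the mask lives in the low byte.
        $mask = if ($raw -is [byte[]]) { [int]$raw[0] } else { [int]$raw -band 0xFF }
        $open = ConvertFrom-AutoRunMask -Mask $mask | Where-Object { -not $_.AutoRunDisabled }
        [pscustomobject]@{
            Hive            = $hive
            Mask            = '0x{0:X2}' -f $mask
            StillEnabledFor = ($open.DriveType -join ', ')
        }
    }
}

Get-AutoRunPolicy | Format-List
# Constructed sample masks: 0x91 leaves removable drives enabled, 0xFF disables all.
ConvertFrom-AutoRunMask -Mask 0x91 | Format-Table
ConvertFrom-AutoRunMask -Mask 0xFF | Format-Table
```

An empty `StillEnabledFor` with a mask of `0xFF` means Autorun is off for every drive type.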
Not performing routine work using an Administrator account is pretty intuitive, though the security vendor offers an interesting perspective on password policies. On forcing users to create passwords of sufficient complexity and to change them on a regular basis, Symantec writes that:
"While that may be true initially, people get used to it, and yes it may increase the amount of calls to the helpdesk but it also has too many benefits on the security side to list and to be overlooked."
In closing, I want to emphasize again that maintaining security is a multi-faceted task, and antivirus software is far from adequate in protecting users from every conceivable threat out there. Good administration and maintenance play crucial roles in keeping your SMB network secure.