When Your Anti-Virus Software Fails
Posted on: 05-04-2016
Not if, but when. Something is eventually going to get around your security, and it’s important to understand what to do in that situation. Whether it’s a single terminal or a crucial piece of infrastructure that’s been infected, you’re going to need to know immediately what to do to prevent further damage and limit the cost of recovery.
A virus infection can be as ruinous to a company’s infrastructure as a natural disaster or purposeful sabotage, destroying valuable data and potentially crippling the tools you need to conduct your business. An incorrect response can lengthen the time it takes to get your system back to working order and can even result in additional contamination both inside and outside your organisation.
Especially if you deal with sensitive data such as medical or financial records, you should understand what’s needed to ensure a quick recovery from an infection with minimal data loss.
Quarantine the patient
In all situations where a computer is thought to be infected, the first and most important step to minimise any potential expenses is to disconnect and isolate that part of the system. Whether it’s a server, a work terminal, or a router, minimising the number of connections it has to uninfected computers while you examine it can be the most valuable part of the post-detection clean-up. This involves physically disconnecting the device from all other computers, and potentially moving it out of the range of any wireless networks, as some viruses can force a computer to maintain a connection. Only devices involved in detection and sanitisation should remain connected.
Restoring your system to working order
You’ll need to begin cleaning the device. This process can involve using software specially designed for the individual piece of malware, or updating your antivirus protection and using that to clean it. Regardless of whether the malicious code was successfully removed or not, reinstalling the operating system may be necessary.
Even if the virus was removed, damage to key files can make the system unworkable in its present state, meaning you’ll need to do some repairs. The restore process will delete all data on the device – removing any trace of the malware on that storage medium but also any of the programs or documents you rely on. This is the safest way to restore a piece of infected hardware to safe, full working order. The work spent setting up a wiped computer is much, much less than trying to sanitise each and every part of an infected network.
Recovering lost or contaminated data
Once the reinstall is done, reconnect the machine to your network and restore the most recent back-up. This is where a habit of taking frequent back-ups at regular times pays off, as it minimises the amount of work and data lost and the time it will take to get the computer current again.
If there’s irreplaceable information on the affected drive, before you restore you could consider contracting a professional data recovery service or using data recovery software to extract affected data. How effective either of these options is will depend on the nature of the system and on the extent of the damage caused by the infection.
Once you’re back up and running, invest in an anti-virus package that’s more responsive than traditional methods. Speak to Typent today about our Webroot SecureAnywhere system, covering business, home and mobile devices. With its lightweight install profile and cloud-based detection method, it offers a more responsive and agile way to monitor and protect your network that doesn’t rely on lengthy, cumbersome updates to a local registry of malware signatures.
For more information on this or any of our services, don’t hesitate to get in touch with our office today for assistance across Singapore. Call us directly on +65 6655 4820 to find out what we can do for you and your company or send an email to firstname.lastname@example.org and we’ll get back to you as soon as possible.