Health Information Compliance Alert

Published on Tue Mar 15, 2016 PDF

Question: If we find that a virus is introduced to our IT systems, what steps can we take to prevent that virus from spreading?

Answer: Viruses are all too common these days, but you can take certain practical steps to prevent a virus from spreading should your organization’s system become infected, according to a Feb. 17 blog posting by John Roman, Jr., CISSP for the law firm Nixon Peabody LLP. Roman offered the following five steps that you can take immediately:

1. Disable local administrator access on all computers. Running your computers with reduced privileges can mitigate most software vulnerabilities, because doing so protects common software.

2. Prevent users from accessing local shares, including administrative shares, or disable administrative shares to prevent the virus from spreading from one computer to another.

3. Strengthen the local administrator password. Changing the local admin passwords frequently (such as daily) helps to prevent hacker access to your organization’s systems. You can try a free tool like Microsoft’s Local Administrator Password Solution (LAPS), which changes the local admin password on systems automatically and on every computer (see https://technet.microsoft.com/en-us/library/security/3062591.aspx).

4. Disable Windows autorun to prevent the automatic spread of viruses. Many viruses attach themselves to a drive and automatically install on any other media connected to the computer.

5. Perform full file scans every day. Due to the sheer number and volume of new threats, viruses inevitably outsmart your security software from time to time. If you enable complete, daily scans of your system’s entire hard drive, you can add another layer of protection to detect, isolate and remove viruses that initially escape your security software’s detection.