Preventative Strategies

No matter what the source, virus prevention can be broken down into four categories of activities:

• Preventing a virus from ever getting on to a system
• Avoiding activation of a virus that does make it on to a system
• Limiting the permanent damage an activated virus can do
• Preventing the virus from reproducing and spreading.

Organizations need to think through all four categories and need policies addressing each. It is not prudent to rely solely on only one of these measures. No single solution is completely foolproof; protection comes from overlapping and redundant safeguards. Moreover, these solutions are not merely implementations of additional technology. Virus protection also includes actions such as documenting correct procedures, educating users, or routinely scanning logs for suspicious activity.

The following sections list recommendations relevant to one or more of these categories; they are recommendations that organizations can begin implementing today.