By Grant Tiller, Senior Product Manager
There has been another scary outbreak of viruses (or should that be viri?) and it’s been mentioned in the press and on social media over the last couple of weeks – this one is called the Dorifel virus. Some of you may not have heard about this, as actually in the first instance, around 90% of the outbreak happened in The Netherlands.
It is a particularly nasty Trojan in that it encrypts things like Excel and Word documents, rendering them un-get-at-able and hence leaving the poor user in a state of un-productivity.
The outbreak was quickly brought under control, thanks to the speedy reactions of the major anti-virus vendors, but there is a concern (which is as-yet unproven) that the virus may have also taken credit card information too.
As RES Software is THE IT Productivity company, we were delighted to learn that the Dutch National Cyber Security Center has advised the use of RES Workspace Manager as a recommended method of preventing potentially damaging computer virus outbreaks.
We are keen on this proactive approach, as we are of the firm belief that prevention is better than cure.
For the near-on seven years that I have been working with RES Software, many people have asked me why our products don’t have self-healing capabilities. My answer has always been a very simple one – if you can stop an issue from happening in the first place, there is no need for self-healing.
As a quick example a well-known community member Remko Weijnen (@RemkoWeijnen) did a blog article in January (here) about how to use Excel to bypass security. The great thing about RES Workspace Manager is that with a few clicks, you can leverage the adaptive security to ensure that the environment is secure, and that the unauthorized (and undesirables) remain locked out. In order to block Remko’s exposed Excel vulnerability; we simply had to make a few configuration clicks within the RES Workspace Manager console (here).
Sorry, I digress – back to Dorifel. The recommendation from NCSC came on August 16 after the outbreak of the Dorifel virus had already infected companies, municipalities and government agencies, across The Netherlands. Whilst the attack was brought under control, the NCSC issued a set of recommendations to help prevent future outbreaks. Unfortunately, this document (here) was published in Dutch, but I have been told by my colleagues that it is generally a decent article, with some good and sensible advice.
RES Software is not an anti-virus software vendor, so what makes RES Workspace Manager a solution to this issue? The risks of malware attacks through user actions increase in direct proportion to the rights granted to those users. The balance between user rights and security is an age-old challenge for IT administrators everywhere. Users, of course, don’t want to work within the limitations and confines imposed by IT policy. However, the risks of malware attacks are both serious and rising. Desktop security company Symantec recently reported that more than 3 billion malware attacks occurred in 2010 alone, involving more than 286 million new malware variants (more here).
RES Workspace Manager places a powerful tool in the hands of IT professionals that allows them to grant user rights based on actual, context-aware needs, rather than on generic, user roles. This is especially powerful when managing the applications that can be invoked; and it can prevent the launch of unknown applications. Context awareness is a far more flexible way to govern user access – and it often makes life much easier for users as well.
I was interested to read how Max worked with community hero Helge Klein (@HelgeKlein) and leveraged RES Automation Manager to clean out his systems from the nasty Trojans that he contracted from who-knows-where!!!
People are discovering new uses for our software every day, and it’s one of the things that I love to hear about!