Cyber Essentials: Malware protection

Malware protection

Protecting against a broad range of malware (including computer viruses, worms, spyware, botnet software and ransomware) and including options for virus removal will protect your computer, your privacy and your important documents from attack.

Why is malware protection important?

Malware is a significant problem. Research by SentinelOne and Vanson Bourne found that 40% of UK organisations fell victim to an average of five ransomware attacks in 2017.

Malicious programs can be delivered physically to a system through a USB drive or other means, or via the Internet through drive-by downloads, which automatically download malicious programs to users’ systems. Malicious websites and phishing – scam emails disguised as legitimate messages that contain malicious links or attachments – are two common delivery methods. More sophisticated malware attacks often feature the use of a command-and-control server that allows attackers to communicate with the infected systems, exfiltrate sensitive data and remotely control the compromised device or server.

An attack can be incredibly damaging, so it is important to protect your system, your privacy and your sensitive documents.

How to protect yourself

The UK government’s Cyber Essentials Scheme provides a set of five controls that organisations can implement to achieve a baseline of cyber security, against which they can achieve certification in order to prove their compliance.

Certification to the scheme provides numerous benefits, including reduced insurance premiums, improved investor and customer confidence, and the ability to tender for business where certification to the scheme is a prerequisite.

New to the Cyber Essentials scheme? Find out more

One of the scheme’s five controls is Malware Protection. This can help restrict the execution of known malware and untrusted software and prevent harmful code from causing damage or accessing sensitive data.

To minimise the risk of malware, your organisation should adopt at least one of the following approaches:

Anti-malware software

  • Keep software up to date, with signature files updated at least daily.
  • Configure software to scan files automatically upon access. This includes when files are downloaded and opened, and when they are accessed from a network folder.
  • Ensure software scans web pages automatically when they are accessed through a web browser.
  • Ensure software prevents connections to malicious websites.

Application whitelisting

Only allow approved applications to be executed on devices. Ensure that your organisation actively approves such applications before deploying them to devices, and maintain an up-to-date list of approved applications.

The five Cyber Essentials controls

Patch management

 Learn more about patch management

Malware protection

Learn more about malware protection

Access control

Learn more about access control 

Secure configuration

Learn more about secure configuration

Secure your organisation with Cyber Essentials

With IT Governance, you can complete the entire certification process quickly and easily using our online portal for as little as £300.

Find out more

LEARN
FOR LESS
SAVE 25%