Computer viruses are a constant danger in our interconnected business world, and keeping anti-virus software updated is only the first step in dealing with them.
Key Bank has a detailed response plan that goes into action the moment a virus is suspected. The virus is quickly hunted down and destroyed using a precise methodology. When the bank’s internal help desk diagnoses a problem as a potential virus or other malicious code, a technician is dispatched to examine the affected computer.
“We have developed a process and procedure that leads the technician through a set of activities to identify the problem,” says James Wade, senior vice president and chief information security officer for Key. “One of the first things we want to do is isolate that device. We don’t want to leave it online or take the chance of it spreading anywhere else, so we remove it from the network.”
The technician then searches for the source of the code and examines the file or e-mail system of the infected machine.
“Once they ID the source, the technician embarks on contacting that source,” says Wade. “If it came from a server, they go to the administrator who has responsibility for that server. If it’s from another user, they contact that user and isolate that machine. They continue down the path until they are relatively satisfied that they have contained the actual infection caused by the malicious code.”
Once a virus is confirmed, Wade’s office is notified. Wade then examines whether they have the proper fix for that particular virus. If it’s a new virus, the new fixes are downloaded and installed systemwide, and the new “inoculation” is added to the standard setup for any new machine coming online.
“Viruses cause a domino effect,” says Wade. “You have to look at each machine, one by one. You have to see what they had access to since the infection occurred.”
The type of virus helps direct where to look. Some are capable of spreading across multiple platforms, while others target specific Microsoft utilities.
Viruses in an e-mail that are detected by the bank’s anti-viral software on the way in are automatically eliminated, and the sender is notified. If a virus gets through the defenses, Wade and his team attempt to determine how it was introduced to the system, such as through a floppy disk or other means.
“It’s not unlike the medical field,” says Wade. “We follow the path to where the outbreak started. We stop it from going beyond where it has been detected and go back to the source and eradicate it.
“What we do is a benchmark practice across the industry. It follows the model of the medical practice. Our industry has transferred the existing process and technology from something that’s several centuries old and still evolving into the automated world.”
Wade recommends that every business make sure it has some anti-viral protection, and following a procedure to trace the virus back to its source will help protect your assets from future infections.
Key also promotes awareness among its employees to help with frontline defense.
“When someone begins employment, as part of their orientation they are informed about information security and privacy,” says Wade. “We acquaint them with the overall policy and include how to protect themselves, the company and the resources. It’s a never-ending thing. Notices are periodically sent out and message boards are updated to keep awareness up.
“We are really making sure that everyone at every level has a mindset that we are in a hazardous world. We are doing simple things as well as employing sophisticated technologies to make sure our operating, computer and physical environments are safe and secure.” How to reach: Key Bank, www.key.com
