As a recommendation – is to use special key-tokens where all the keys and passwords in an encrypted form. It is also very good, when this token is also a pass into the room (the building), then the employee returned back to the bathroom to pull with a key (except back into the room you will not get), and for removing the key computer immediately blocked (this is on by default, but can be customized). Law number 8. Outdated antivirus software is only slightly better than its absence is indeed the case. But it is important to add: anti-virus software should have functions of heuristics and submit suspicious files directly to the antivirus company, alerting the administrator. It is necessary then that the recently intensified attacks on the company writing the specific viruses. Since this virus (trojan) was written specifically for ogrganizatsiyu, the antivirus software on it still does not know anything. And if there is no quick and proper reaction, may be too late.
You should also disable signatures in email messages that the files are updated so some antivirus software. Which antivirus is used should remain a mystery (though a needle in a haystack can not hide). Also is recommended to use some antivirus software on different machines – but it must be properly thought through, as it can greatly complicate the maintenance (and hence the response to the problem). Law number 9. Absolute anonymity Unattainable in life or on the Internet This law simply ignored. Are also encouraged to simply prohibit the many services in the workplace as well as combining some information comparing the ip addresses of users so that they write, you can collect enough information to break into the organization.
The prohibition of online services is often associated with the payment of working time, rather than with safety. (Suppose, for example, a worker spends on the forum just 15 minutes working time – in fact much more – but it's been 15 * 5 = 1 hour and 15 minutes per week, or 5 hours a month. That is a month rabotkin loses at least one full working day (and it's only 15 minutes)) Act number 10. Technology is not panacea here, too, can add little. Technology is constantly changing and every bolt is tricky its a tricky nut. Therefore, the cost of hacking should be constantly reassessed, should be constantly institutional arrangements, aimed at security, and software updates technical foundation. Well, you want to learn and understand how it works one or another program or service and where it has weaknesses.