Select regional store:

Cyber Essentials: Malware protection

Protecting against a broad range of malware (including computer viruses, worms, spyware, botnet software, and ransomware) and including options for virus removal will protect your computer, your privacy, and your important documents from attack.

Why is malware protection important?

Malicious programs can be delivered physically to a system through a USB drive or other means, or via the Internet through drive-by downloads, which automatically download malicious programs to users’ systems. Malicious websites and phishing – scam emails disguised as legitimate messages that contain malicious links or attachments – are two common delivery methods. More sophisticated malware attacks often feature the use of a command-and-control server that allows attackers to communicate with the infected systems, exfiltrate sensitive data, and remotely control the compromized device or server.

An attack can be incredibly damaging, so it is important to protect your system, your privacy, and your sensitive documents.

How to protect yourself

The UK government’s Cyber Essentials Scheme provides a set of five controls that organizations can implement to achieve a baseline of cybersecurity, against which they can achieve certification in order to prove their compliance.

Certification to the scheme provides numerous benefits, including reduced insurance premiums, improved investor and customer confidence, and the ability to tender for business where certification to the scheme is a prerequisite.

New to the Cyber Essentials scheme? Find out more >>

One of the scheme’s five controls is Malware Protection. This can help restrict the execution of known malware and untrusted software and prevent harmful code from causing damage or accessing sensitive data.

To minimise the risk of malware, your organization should adopt at least one of the following approaches:

Anti-malware software

  • Keep software up to date, with signature files updated at least daily.
  • Configure software to scan files automatically upon access. This includes when files are downloaded and opened, and when they are accessed from a network folder.
  • Ensure software scans web pages automatically when they are accessed through a web browser.
  • Ensure software prevents connections to malicious websites.

Application whitelisting

Only allow approved applications to be executed on devices. Ensure that your organization actively approves such applications before deploying them to devices, and maintain an up-to-date list of approved applications.

Application sandboxing

Ensure that all code of unknown origin is run within a ‘sandbox’ that prevents access to other resources unless the user explicitly grants permission.

Secure your organization with Cyber Essentials

With IT Governance, you can complete the entire certification process quickly and easily using our online portal for as little as $390

Find out more

This website uses cookies. View our cookie policy