Printer Friendly

Protection against computer viruses.

A tiny rogue program could easily disable your computer and erase all your files--programs and data. Raymond W. Elliott, CPA, a partner in the national auditing directorate of Coopers & Lybrand, describes the danger of such programs and how to protect against them. He is chairman of the Information Technology Research Subcommittee of the American Institute of CPAs. Like their biological namesakes, computer viruses can cause either inconvenience or worse, death-loss of important electronic data. Although some viruses are just sophomoric localized pranks, many of them get out of hand, triggering an epidemic fatal to thousands of computers.

A virus is a small, stealthy program designed to perform some computer act or function, either immediately or at some future time. Any number of events can trigger the embedded virus to activate: the occurrence of Friday the 13th or performing such a simple computer function as evoking a directory. In some cases, viruses simply display a harmless message on the screen; other times they destroy all the stored programs and data files; in extreme cases, they even can destroy computer components.

What makes viruses especially dangerous is that they're highly contagious. Once one gets a foothold in a computer, it almost surely will infect many other computers-with just a brief contact.

Viruses are spread in these ways: by transfering executable files from off a floppy disk, from off a network or by downloading an executable file through a modem.

No computer is immune. There is no practical, infallible way to guard against all possible viruses except through total "abstention"-isolating a computer so it does not use any software or files but its own. For obvious reasons, that's not a practical solution for most CPAS.

And once infected, there is no guarantee of an easy cure without "sterilizing" the computer's entire storage and memory, which means reformatting, or cleansing the hard disk, which results in the loss of all stored data and program files.

However, fairly effective protection and cure techniques are available. Unfortunately, the more effective they are, the more demanding are the mandated safety rules and needed compliance.

ANATOMY OF A VIRUS

Until a few years ago, software pranks were unheard of-except in university computer-lab circles. Mischievous students would sneak a virus into a friend's computer so that at a predetermined moment a message would pop up on the screen-such as "Got ya! " or "Happy Birthday, nerd! "

In a typical infection, a virus is hidden in what's called an executable file, which is a file that contains the instructions of a working program. Usually these files are labeled with a .EXE or COM extension, as in KEYBDRVR.EXE or COMMAND.COM.

When the file is introduced to the computer-via a floppy disk, a download from a bulletin board, or through a network-the program causes itself to be implanted onto the computer, usually onto the hard disk. The virus then copies itself onto other stored programs each time one of those programs is evoked. As a result, the duplication process accelerates at exponential speeds. In some cases, the fertile little programs multiply so prolifically that they soon saturate the computer, grinding it to a halt.

In network arrangements, where computers are linked, program sharing is allowed and proper operational and security measures are not consistently practiced, the speed of contagion is fastest.

If a floppy disk is introduced into an infected computer, it does not necessarily have to contain an executable file for it to become infected or function as a carrier. A certain type of virus, known as a boot sector virus, will infect computers when they are first booted up (turned on) with an infected disk in a drive.

In recent years, the stealth and destructiveness of viruses has accelerated. An increasing number have infected the business world; at least one has paralyzed a military computer network.

Such database text services as Nexus or Lexus present no virus dangers because they provide only read-only, not executable, files.

How vulnerable are a CPA firm's computers and their data files?

Very vulnerable. VIRUS PRESCRIPTIONS So what should a CPA do for protection? Total quarantine is impractical because CPAs need to share data files. Many software developers sell commercial programs to guard against or cure a virus attack. While many are excellent products, CPAs shouldn't be lulled into thinking they are foolproof. The protective programs are effective only when used as part of an overall protection policy and if they have a defense against a known virus. What limits their protection is that more devious viruses are developed regularly, and yesterday's defenses usually are ineffective against new programs.

The first defensive step is to develop some commonsense procedures that fit a CPA firm's working environment. Here are some practical guidelines:

* Don't allow anyone to introduce a floppy disk into any office computer unless the disk has first been checked out (see sidebar "How to Sanitize a Disk").

* Don't allow anyone to take a program or data file out of the office for use on another machine unless the returned disk is checked out before it's reused in the office.

* Don't permit computer users to download an executable program from a public bulletin board and run it on the firm's computers without first performing some software acceptance procedure to ensure it is virus-free.

* Buy all software from trusted vendors and check that newly purchased disks are still in their original shrink-wrapped packaging.

* Put a write-protect tab on questionable disks. The tab allows users to read off the disk, but not write to it.

* After copying and loading newly bought software, put the original disks in a safe place. That way a clean copy of a program always is available.

* If a virus is discovered on a floppy disk, physically destroy the disk. Reformatting may not be enough; some viruses survive reformat operations.

* Follow all rules even when dealing with clients' files and computers unless it's known the client follows effective safety procedures.

* Dedicate one computer in the office as the "clean machine." Do all software testing on this machine. Only after a program gets an OK should it be allowed to move onto other computers in the office.

The key to protection is awareness and vigilance. It takes only one lapse to defeat the whole protection system. n

HOW TO SANITIZE A DISK

If possible, avoid executable programs that come off bulletin boards. Because they are public-access programs, they often attract pranksters. Thus they're especially risky. It has been reported that some antivirus software obtained from a bulletin board actually contained a virus.

But if such a program must be used, put it through a thorough sanitizing procedure. Begin by asking the software's writer for a copy of what's called the source code, which explains in programmer's language the executable orders. A qualified programmer usually can spot the signs of a virus in that code.

If the source code is not available, a programmer can run the file. through a software utility, like Norton Utilities or PC Tools, to analyze the disk and the software. SAFETY STEPS WHEN WORKING AT CLIENTS'OFFICES When a CPA takes a portable computer to a client's office for on-site work, safety procedures are necessary. A checklist:

* When running software developed by or licensed to your firm on a client's computer, load it from a copy-not the original disk. After the disk is used, clean it before using it again on another computer.

* Never run software on your office computer if it was used on an outside computer-at home or at a client. If the software must be reloaded, only use a stored original.

* Before leaving on an outside assignment, check the exact size of all program files through DOS. After executing them, check the size again. If a program has been infected, one of its files typically will be slightly larger-a telltale clue. BACKUP PROTECTION The only sure way to prevent a worst-case disaster-loss of all data-in the event of a lethal infection, is to regularly back up all files.

If a proper backup policy is instituted, losses can be mitigated, even eliminated. Suggested advisories:

* Prepare a manual for each computer or class of computer used in the office. The manual should show what's loaded on the machine and its configuration: the AUTOEXEC.BAT, CONFIG.SYS, etc. List the locations of all backup programs and files.

* Better yet, make floppy disk copies of all files. In that way, after a disaster, the computer can be reloaded easily with those archived disks.

* Prepare data file backups on floppy disks at least as frequently as data are changed. Store all these disks in a separate, secure location. There are many software utilities designed to perform backups automatically.

* Never store data files in the same directories as application software. Keep them on separate disks. And if space is available, store them in different drives. It makes backups easier.
COPYRIGHT 1991 American Institute of CPA's
No portion of this article can be reproduced without the express written permission from the copyright holder.
Copyright 1991, Gale Group. All rights reserved. Gale Group is a Thomson Corporation Company.

Article Details
Printer friendly Cite/link Email Feedback
Author:Elliott, Raymond W.
Publication:Journal of Accountancy
Date:May 1, 1991
Words:1477
Previous Article:Getting a better return on the firm's CPE investment.
Next Article:Mastering the deduction of postgraduate education.
Topics:


Related Articles
Don't catch the bug.
NEW VIRUSSCAN 4.5 OFFERS ENTERPRISE PROTECTION, MANAGES NET-CONNECTED PCs.
Love Bug Sparks Interest In E-Commerce Insurance.
First Anti-Virus Residing on Palm.
Computer Security in the Age of the Internet.
Trojan network threat.
Tape libraries: a different type of virus protection.
Webwasher thwarts Sober.1.
Internet Security 2006 also spyware 2006.
Kaspersky engine integrates with Tall Emu security solution.

Terms of use | Copyright © 2017 Farlex, Inc. | Feedback | For webmasters