Few law firms, if any, are immune to the threat of malware, and the effects of an infection can be devastating. An infection can compromise law firm data and security, to say nothing of employee productivity, revenue and IT resources. For the purposes of this article, the term “malware” covers types of malicious software such as viruses, spyware, Trojans and rootkits. Because malware will not be disappearing anytime soon, it is important for law firms to develop an effective approach to handling it.
Create a checklist/runbook so the IT staff, or whoever is delegated the task of handling a malware infection, can do so methodically and efficiently. As an example, a plan may include some of these steps:
- Creating a list of approved tools to use
- Disconnecting the infected machine from the network to prevent the malware from spreading
- Running the tools and analyzing whether the threat has been removed, including running a second scan with an additional/independent tool
- Deciding when to escalate the issue to the vendor’s technical support and when to simply stop and re-image the machine