Dealing With Virus Attack


How to deal with a virus attack


Dealing with a virus in a professional and planned way reduces both its impact and its spread throughout the organization and beyond. A failure to respond appropriately to a virus incident can rapidly result in multiple system failures and continued infection.

We offer the following best practice guidelines on how to respond to virus incidents:

- If possible, appoint a Virus Control Officer who would be the first point of contact for all virus alerts and who co-ordinates follow-up actions.
- Consider regularly reviewing software and files used for critical business processes to identify and investigate unauthorized and/or suspicious changes.
- Ensure that your organization has a Virus Incident Response Plan, drawn up jointly by the Information Security Officer, Virus Control Officer and System Administrator. Where no agreed response plan is in place, the reaction of users, IT and management is likely to be ad hoc and inadequate, possibly turning a containable incident into a significant problem.
- When a virus is detected:
  - immediately locate and scan the relevant file(s) with your anti-virus software to determine if the virus has been immunized.
  - communicate a virus alert to warn staff of the incident and the appropriate response.
  - establish whether the virus might have infected others and, if so, respond accordingly - if necessary close down workstations and possibly parts of the network.
  - following the virus attack, review the measures taken to minimize damage and prevent a recurrence, and question whether procedures and safeguards remain adequate. Consider updating your anti-virus file definitions on a more frequent, possibly daily, basis.
- Ensure that your server anti-virus software is configured to proactively scan all incoming and outgoing files. (Also investigate the source of any virus detected on OUTBOUND e-mail as this may indicate a failure to scan files on a workstation or the use of unscanned floppy disks or CD-ROMs.)
- Update your anti-virus definition files on a regular basis.
- Promote awareness among users of the risks associated with e-mail, and train them to be aware of this type of cyber crime and their responsibilities for its prevention.

Virus attacks happen

There's plenty of preventative advice available to protect business owners from a virus attack and even more security products to purchase. But small businesses, in particular, would be wise to also have a crisis plan in place for what some would argue is inevitable.

"Small businesses are more vulnerable to attack," says Ben Rothke, director of security technology implementation at AXA Financial, a New York-based financial services firm, and the author of Computer Security - 20 Things Every Employee Should Know. Small and mid-size businesses "typically don't have an IT department monitoring their network 24/7."

Signs of a possible virus attack

So what can a company without an IT department do to prepare for the worst? For starters, know enough about viruses to know when the system's been hit.

- Computers start crashing all around the office at the same time.
- One or more computers get flooded with pop-up ads.
- One or more computers get multiple warning screens from your security software.
- One or more computers get flooded with strange e-mails that seem to be replicating faster than they can be deleted.
- The company network slows down to near-standstill.
- Users are denied access when trying to log in.

Respond immediately

Once it's been determined the network's been attacked, you need to react. "Simply put, responding to a virus is like fighting a fire," says Devin Jopp, chief technology officer for SCORE, a counseling service for small business owners. Here are some tips for how to respond to a virus attack.

- Isolate: Shut down all the infected computers and programs that appear to be infected to staunch the spread elsewhere within the network. As an added precaution, Joern Wettern, co-author of Firewalls for Dummies, says "disconnect any part of the system that is critical to your business - it helps to have those areas flagged in advance."
- Treat: Run your antivirus software. Jopp points out that 90 percent of all viruses can be identified and cleaned up by most antivirus programs.
- Diagnose: In addition to identifying the virus, assess what parts of the network have been hit, the damage inflicted and what it will take to fix it. For more complicated attacks, have a local IT consultant with expertise in cleaning up viruses who can be called in on short notice. "A virus attack on a small business is too critical to let the fix-it guy in the office handle on his own," says Rothke.
- Learn: See this as an opportunity to improve security for the next time. Chances are there's room for improvement by way of updating software more frequently or training employees to avoid high-risk web sites or dubious e-mail, for example.