Malware takes its name from the contraction of two words, malicious software. Malware comes in many different forms and can be described as software that has been written with the intent of doing damage in some way. The threat of malware can be mitagated by ensuring you have good security procedures in place.
Below are twelve key steps to get some information security fundamentals in place:
Backups
Backup systems and data, including an off-site backup
Updates
Update key software, particularly operating systems and productivity software
Security
Update security software
Emails
Take caution with unexpected or suspicious emails
Access Rights
Ensure that user accounts do not have higher privileges than really needed (particularly 'administrator' level)
Passwords
Ensure strong passwords are used, and that passwords are never revealed to anyone else
File Types
Take care with certain file types (e.g. .exe) and ensure known sources (e.g. Google Play Store for Android)
Unknown Code
Prevent unwanted code from running (e.g. disabling macros) and ensure antivirus software is scanning in real time
Security
Ignore instructions in emails or files to disable any security software or enable features (e.g. macros)
Network Security
Ensure wireless networks use WPA2 and wired networks are segmented
Training
Provide security awareness and data protection training to staff on a regular basis
Planning
Take time to develop plans in advance (including a 'business continuity and disaster recovery' plan)