Quarantine in the cybersecurity world happens when files containing malware are placed into isolation for future disinfection or examination. This strategy puts the malware in a specific area of the storage device in order to prevent it from contaminating other files or systems. The quarantine process starts when anti-virus or anti-malware solutions detect a threat but can’t eliminate it immediately.
Most solutions should be configured to not delete malware suspected files immediately in case the threat reported is a false-positive.
CyberHoot remembers the day when an AV product was set to delete malware files upon discovery. An AV vendor signature update tagged a critical system file as malware and this led to blue screens of death throughout the server infrastructure and a terribly long day for IT. Always quarantine and manually delete malware files. AV Vendors are not perfect and you will save yourself a nightmare scenario of rebuilding systems from scratch.
Files marked for quarantine are encrypted and moved to a protected folder, preventing potential harm to the user’s system. Each solution has a ‘Quarantine Manager’ feature, where users can permanently delete or restore files from quarantine. Upon review of the archived files, an exception list (white/allow list) option is commonly given to bypass false positive detection.
Anti-virus and anti-malware software is a minimum essential solution for all businesses. It must be in place to scan for various threats on your computing systems. Popular brands CyberHoot can recommend include Sophos, McAfee, and Webroot. While these solutions are important, your company needs to take additional proactive measures to reduce the chances of becoming a victim of a cyberattack. CyberHoot recommends the following best practices to prepare for, limit damages, and in some cases avoid cyberattacks entirely. These are listed in order of importance:
Start building your robust, defense-in-depth cybersecurity plan today with CyberHoot.
CyberHoot does have some other resources available for your use. Below are links to all of our resources, feel free to check them out whenever you like:
Note: If you’d like to subscribe to our newsletter, visit any link above (besides infographics) and enter your email address on the right-hand side of the page, and click ‘Send Me Newsletters’.