TL; DR kana nharembozha yako ichida antivirus, saka uri kuita zvese zvakaipa uye antivirus haizokubatsira.
Iyi positi mhedzisiro yegakava rinopisa pamusoro pekuti antivirus inodiwa here panharembozha yemakambani, mune zvipi zviitiko zvaanoshanda, uye mune zvipi zvisingabatsiri. Chinyorwa chinoongorora mhando dzekutyisidzira idzo, mudzidziso, antivirus inofanira kudzivirira kubva.
Vatengesi veAntivirus vanowanzo kwanisa kugonesa vatengi vemakambani kuti antivirus ichavandudza kuchengetedzeka kwavo zvakanyanya, asi kazhinji izvi ndezvekudzivirira kwekunyepedzera, izvo zvinongoderedza kusvinura kwevashandisi nevatungamiriri.
Izvo zvakakodzera zvekambani zvivakwa
Kana kambani iine makumi kana kunyange zviuru zvevashandi, hazvibviri kugadzirisa nemaoko mudziyo wega wega mushandisi. Zvirongwa zvinogona kuchinja zuva rega rega, vashandi vatsva vanouya, mbozhanhare dzavo uye malaptops anopwanya kana kurasika. Nekuda kweizvozvo, basa rese revatariri raizove nekutumirwa kwemazuva ese kwezvirongwa zvitsva pamidziyo yevashandi.
Dambudziko iri rakatanga kugadziriswa pamakomputa edesktop kare kare. Munyika yeWindows, manejimendi akadai anowanzoitika uchishandisa Active Directory, centralized authentication system (Single Sign In), nezvimwe. Asi ikozvino vashandi vese vane mafoni akawedzerwa kumakomputa avo, pairi chikamu chakakosha chemaitiro ebasa chinoitika uye data yakakosha inochengetwa. Microsoft yakaedza kubatanidza Windows Phones yayo mune imwe ecosystem neWindows, asi pfungwa iyi yakafa nekufa kuri pamutemo kweWindows Foni. Nokudaro, munharaunda yekambani, chero ipi zvayo, unofanira kusarudza pakati peAroid uye iOS.
Iye zvino munharaunda yemakambani, iyo pfungwa yeUEM (Yakabatana endpoint manejimendi) iri mufashoni yekubata vashandi zvishandiso. Iyi yepakati manejimendi sisitimu yenharembozha uye desktop makomputa.
Centralized manejimendi yevashandisi zvishandiso (Yakabatana endpoint manejimendi)
Iyo UEM system maneja inogona kuseta akasiyana marongero emidziyo yemushandisi. Semuenzaniso, kubvumira mushandisi zvakanyanya kana kushoma kutonga pamusoro pechishandiso, kuisa maapplication kubva kune wechitatu-bato masosi, nezvimwe.
Izvo UEM inogona kuita:
Ronga zvigadziriso zvese - maneja anogona kurambidza zvachose mushandisi kushandura marongero pamudziyo uye achinje ari kure.
Kudzora software pane mudziyo - bvumidza kugona kuisa zvirongwa pachishandiso uye kuisa otomatiki zvirongwa pasina ruzivo rwemushandisi. Iye maneja anogona zvakare kuvharira kana kubvumidza kuisirwa kwezvirongwa kubva muchitoro chekushandisa kana kubva kune asina kuvimbika masosi (kubva kuApk mafaera mune iyo Android).
Remote blocking - kana foni ikarasika, maneja anogona kuvharisa mudziyo kana kubvisa iyo data. Mamwe masisitimu anobvumidza iwe kuseta otomatiki kudzima data kana foni isati yabata sevha kweanopfuura maawa N, kubvisa mukana wekuedza kubira kunze kwenyika apo vanorwisa vakakwanisa kubvisa SIM kadhi risati ratumirwa dhata rekubvisa kubva kuseva. .
Unganidza nhamba - tevera chiitiko chemushandisi, nguva yekushandisa, nzvimbo, bhatiri level, nezvimwe.
Chii chinonzi UEMs?
Pane nzira mbiri dzakasiyana dzekutarisira pakati pevashandi mafoni: mune imwe nyaya, kambani inotenga zvishandiso kubva kune mumwe mugadziri wevashandi uye kazhinji inosarudza manejimendi kubva kune mumwe chete mutengesi. Mune imwe nyaya, vashandi vanoshandisa zvishandiso zvavo zvebasa, uye pano zoo yeanoshanda masisitimu, shanduro uye mapuratifomu anotanga.
YAKO (Hunza mudziyo wako) ipfungwa umo vashandi vanoshandisa midziyo yavo yega uye maakaundi kushanda. Mamwe epakati manejimendi masisitimu anotendera iwe kuti uwedzere yechipiri account account uye kupatsanura zvizere data rako kuita rako pachako uye basa.
Muchokwadi, kune akawanda akawanda eUEM vanopa, asi isu hatizovaongorora ese mune ino chinyorwa. Chinhu chikuru chekuchengeta mupfungwa ndechekuti masisitimu akadaro atovepo uye anobvumira maneja kuti agadzirise zvishandiso zvevashandisi zvakakwana kune iripo yekutyisidzira modhi.
Kutyisidzira modhi
Tisati tasarudza maturusi ekudzivirira, isu tinofanirwa kunzwisisa zvatiri kuzvidzivirira kubva, chii chakaipisisa chingaitika mune yedu chaiyo. Zvichienderana nekutaura: muviri wedu uri nyore kukuvadzwa nebara uye kunyange forogo uye chipikiri, asi isu hatipfeke vheti inodzivirira bullet pakubva pamba. Naizvozvo, yedu yekutyisidzira modhi haisanganisi njodzi yekupfurwa munzira yekuenda kubasa, kunyangwe nenhamba izvi hazvigoneke. Uyezve, mune mamwe mamiriro, kupfeka bulletproof vest kwakakodzera zvachose.
Mienzaniso yekutyisidzira inosiyana kubva kukambani nekambani. Ngatitorei, semuenzaniso, iyo smartphone yemutumwa ari munzira kuendesa pasuru kune mutengi. Yake smartphone inongori nekero yekutumira kwazvino uye nzira iri pamepu. Chinhu chakaipisisa chinogona kuitika kune data rake kudonhedza kwepasuru yekutumira kero.
Uye heino iyo accountant's smartphone. Anokwanisa kuwana kune network yekambani kuburikidza neVPN, ane kambani yemutengi-bhengi application yakaiswa, uye anochengeta magwaro ane ruzivo rwakakosha. Zviripachena, kukosha kwe data pamidziyo miviri iyi inosiyana zvakanyanya uye inofanira kuchengetedzwa zvakasiyana.
Ko antivirus ichatiponesa here?
Nehurombo, kuseri kwemasirogani ekushambadzira izvo zvinorehwa nemabasa anoitwa neantivirus panharembozha anorasika. Ngatiedzei kunzwisisa zvakadzama izvo antivirus inoita pafoni.
Security Audit
Mazhinji emazuva ano enhare antivirus anoongorora zvigadziriso zvekuchengetedza pane mudziyo. Kuongorora uku dzimwe nguva kunonzi "device reputation check." Antiviruses anoona mudziyo wakachengeteka kana mana mamiriro akazadzikiswa:
- Chishandiso hachina kubiwa (mudzi, jailbreak).
- Mudziyo une password yakagadziriswa.
- USB debugging haina kugoneswa pane mudziyo.
- Kuiswa kwemaapplication kubva kune asina kuvimbwa masosi (sideloading) hakubvumidzwe pane mudziyo.
Kana, semugumisiro wekuongorora, chigadzirwa chacho chinowanikwa chisina kuchengetedzeka, antivirus ichazivisa muridzi uye inopa kudzima "ngozi" kushanda kana kudzorera firmware yefekitari kana pane zviratidzo zvemidzi kana jailbreak.
Zvinoenderana netsika yekambani, hazvina kukwana kungozivisa mushandisi. Zvirongwa zvisina kuchengetedzeka zvinofanirwa kubviswa. Kuti uite izvi, unofanirwa kugadzirisa mitemo yekuchengetedza pane nharembozha uchishandisa iyo UEM system. Uye kana mudzi / jailbreak ikaonekwa, iwe unofanirwa kukurumidza kubvisa data yekambani kubva pachigadzirwa uye kuvharira kupinda kwayo kune network yekambani. Uye izvi zvakare zvinogoneka neEM. Uye chete mushure memaitiro aya anogona kunzi nharembozha yakachengeteka.
Tsvaga uye bvisa mavhairasi
Kusiyana nekutenda kwakakurumbira kuti hakuna mavhairasi eIOS, ichi hachisi chokwadi. Pachine zviitiko zvakajairika musango kune ekare shanduro dze iOS izvo
Ne Android mamiriro acho akasiyana. Zvishandiso zvinogona kuwana ruzivo nezve maapplication akaiswa pane mudziyo. Ivo vanogona kutowana kugovera kwavo (semuenzaniso, Apk Extractor uye analogues ayo). Android zvikumbiro zvakare zvine kugona kuwana mafaera (semuenzaniso, Total Commander, nezvimwewo). Zvishandiso zveAndroid zvinogona kuderedzwa.
Nekugona kwakadaro, inotevera anti-virus algorithm inotaridzika zvine musoro:
- Cheki yekushandisa
- Tora runyoro rweakaiswa maapplication uye cheki (CS) yekugovera kwavo.
- Tarisa maapplication uye CS yavo kutanga munharaunda uyezve mudura repasi rose.
- Kana iyo application isingazivikanwe, endesa kugovera kwayo kune yepasi rose dhatabhesi kuti iongororwe uye decompilation.
- Kutarisa mafaera, kutsvaga masiginecha ehutachiona
- Tarisa mafaera eCS ari munharaunda, ipapo mudura repasi rose.
- Tarisa mafaera ezvinyorwa zvisina kuchengetedzeka (zvinyorwa, zvakashandiswa, nezvimwewo) uchishandisa yemuno uyezve dhatabhesi repasi rose.
- Kana malware akaonekwa, zivisa mushandisi uye/kana kuvharidzira kuwana kwemushandisi kune iyo malware uye/kana kuendesa ruzivo kuUEM. Izvo zvinodikanwa kuendesa ruzivo kuUEM nekuti iyo antivirus haigone kubvisa yakazvimiririra malware kubva pachigadzirwa.
Chinonyanya kunetsa ndechekuti mukana wekuendesa kugovera kwesoftware kubva kuchishandiso kuenda kune yekunze server. Pasina izvi, hazvibviri kuita "kuongororwa kwemaitiro" anonzi nevagadziri veantivirus, nekuti Pamudziyo, haugone kumhanyisa application mune yakaparadzana "sandbox" kana kuiparadza (kuti inoshanda sei kana uchishandisa obfuscation mubvunzo wakasiyana wakaoma). Nekune rimwe divi, zvikumbiro zvemakambani zvinogona kuisirwa panhare dzevashandi zvisingazivikanwe kune antivirus nekuti hazvisi paGoogle Play. Aya maapplication enhare anogona kunge aine data rinonzwisa tsitsi izvo zvingaite kuti maapplication aya asanyorwa pachitoro cheveruzhinji. Kuendesa kugovera kwakadaro kumugadziri weantivirus kunoratidzika kunge kwakashata kubva pakuona kwekuchengetedza. Zvine musoro kuvawedzera kune zvisiri izvo, asi ini handisati ndaziva nezve kuvapo kweiyo michina yakadaro.
Malware pasina midzi ropafadzo anogona
1. Dhirowa hwindo rako risingaoneki pamusoro pekushandisa kana shandisa kiibhodhi yako kukopa data rakaiswa nemushandisi - account paramita, makadhi ekubhangi, nezvimwe. Muenzaniso wenguva pfupi yapfuura ndeyekusagadzikana.
2. Svika data mumadhairekitori eruzhinji - kurodha, zvinyorwa, gallery. Hazvikurudzirwe kuchengetedza ruzivo rwakakosheswa nekambani mune aya madhairekitori nekuti anogona kuwanikwa nechero application. Uye mushandisi pachake achagara achikwanisa kugovera gwaro rakavanzika achishandisa chero application iripo.
3. Kutsamwisa mushandisi nekushambadzira, mine bitcoins, kuve chikamu chebhotnet, nezvimwe.. Izvi zvinogona kukanganisa mushandisi uye/kana mashandiro emudziyo, asi hazvizokonzerese kutyisidzira data rekambani.
Malware ine midzi ropafadzo inogona kuita chero chinhu. Iwo haawanzo nekuti kubira emazuva ano Android zvishandiso uchishandisa application hazvigoneke. Nguva yekupedzisira njodzi yakadai yakawanikwa yaive muna 2016. Iyi ndiyo inonakidza Dirty COW, yakapihwa nhamba
Mafaira akashata anogona kukuvadza ese nharembozha uye makambani masisitimu aanowana. Ngatitarisei pane izvi zviitiko zvakadzama.
Kukuvadza kune nharembozha kunogona kukonzerwa, semuenzaniso, kana ukadhawunirodha pikicha pairi, iyo, kana yakavhurwa kana pakuyedza kuisa Wallpaper, inoshandura mudziyo kuita "chidhinha" kana kuitangazve. Izvi zvingangokuvadza mudziyo kana mushandisi, asi hazvikanganise kuvanzika kwedata. Kunyange zvazvo pane zvisizvo.
Kusagadzikana kwakakurukurwa munguva pfupi yapfuura
Mafaira anotamiswa kubva kune nharembozha anogona kukonzera kukuvadza kune emakambani masisitimu. Semuenzaniso, kune faira rine hutachiona pane nharembozha isingakwanise kukuvadza mudziyo, asi inogona kukanganisa Windows komputa. Mushandisi anotumira faira rakadaro neemail kune waanoshanda naye. Anoivhura paPC uye, nekudaro, anogona kuipa. Asi anokwana maviri maantivirus anomira munzira yeiyi kurwisa vector - imwe pane email server, imwe paPC yemugamuchiri. Kuwedzera yechitatu antivirus kune iyi ketani pane nharembozha inoita kunge yakadzikama paranoid.
Sezvauri kuona, iyo yakanyanya kutyisidzira munyika yedhijitari yemakambani ndeye malware isina midzi ropafadzo. Vangabvepi panharembozha?
Kazhinji ivo vanoiswa vachishandisa sideloading, adb kana yechitatu-bato zvitoro, izvo zvinofanirwa kurambidzwa panharembozha nekuwana kune network yekambani. Pane mbiri sarudzo dzekuti malware isvike: kubva kuGoogle Play kana kubva kuUEM.
Usati washambadzira paGoogle Play, zvese zvinoshandiswa zvinofanirwa kuongororwa. Asi kune maapplication ane nhamba diki yekumisikidza, cheki dzinowanzoitwa pasina kupindira kwevanhu, chete mune otomatiki modhi. Naizvozvo, dzimwe nguva malware anopinda muGoogle Play, asi zvakadaro kwete kazhinji. Antivirus iyo dhatabhesi yakagadziridzwa panguva yakakodzera ichakwanisa kuona maapplication ane malware pachigadzirwa pamberi peGoogle Play Dziviriro, iyo ichiri kusara kumashure mukumhanya kwekuvandudza antivirus dhatabhesi.
UEM inogona kuisa chero application pane nharembozha, incl. malware, saka chero application inofanirwa kutanga yaongororwa. Zvishandiso zvinogona kutariswa zvese panguva yekuvandudza kwavo uchishandisa static uye ane simba ekuongorora maturusi, uye nekukurumidza vasati vagovaniswa vachishandisa nyanzvi mabhokisi ejecha uye/kana anti-virus mhinduro. Izvo zvakakosha kuti application isimbiswe kamwe isati yaiswa kuUEM. Naizvozvo, mune iyi kesi, antivirus pane nharembozha haidiwi.
Network kuchengetedza
Zvichienderana nemugadziri weantivirus, network yako yekudzivirira inogona kupa chimwe kana zvimwe zvezvinotevera.
URL kusefa kunoshandiswa ku:
- Kuvharisa traffic nezvikamu zvezviwanikwa. Semuenzaniso, kurambidza kuona nhau kana zvimwe zvisiri zvekambani pamberi pekudya kwemasikati, kana mushandi ari kunyatsoshanda. Mukuita, kuvharira kunowanzo shanda nezvirambidzo zvakawanda - vagadziri veantivirus havagaro gadzirisa madhairekitori ezvikamu zvezvishandiso nenguva, vachifunga nezvekuvapo kwe "magirazi" mazhinji. Uyezve, kune vasingazivikanwe uye Opera VPN, iyo inowanzosavharwa.
- Dziviriro kubva ku phishing kana spoofing yevanotangwa. Kuti uite izvi, ma URL anowanikwa nemudziyo anotanga kuongororwa achipikisa anti-virus database. Manongedzo, pamwe chete nezviwanikwa zvavanotungamira (kusanganisira zvinogona kudzokororwa kwakawanda), zvinotariswa zvichipesana nedhatabhesi yenzvimbo dzinozivikanwa dzephishing. Iro zita rezita, chitupa uye IP kero zvakare inosimbiswa pakati penharembozha uye server yakavimbika. Kana mutengi neseva vakagamuchira data rakasiyana, saka iyi ingangove MITM ("murume ari pakati"), kana kuvharira traffic uchishandisa imwechete antivirus kana akasiyana marudzi eproxies uye mafirita ewebhu panetiweki iyo nharembozha yakabatana. Zvakaoma kutaura nechivimbo kuti pane mumwe munhu pakati.
Kuti uwane mukana wekufambisa nhare, antivirus inovaka VPN kana kushandisa hunyanzvi hweKuwanika API (API yezvikumbiro zvakaitirwa vanhu vakaremara). Kushanda panguva imwe chete kwemaVPN akati wandei panharembozha hazvigoneke, saka kuchengetedzwa kwenetiweki kubva kune antivirus inovaka yavo VPN haishande munyika yemubatanidzwa. VPN kubva kune antivirus haingoshande pamwe chete nekambani VPN, iyo inoshandiswa kuwana iyo corporate network.
Kupa antivirus kupinda kune Accessibility API kunoisa imwe njodzi. Kuwana iyo Yekuwanika API zvinoreva mvumo yekuita chero chinhu kumushandisi - ona izvo mushandisi anoona, ita zviito nemaapplication panzvimbo yemushandisi, nezvimwe. Tichifunga kuti mushandisi anofanira kupa pachena antivirus kuwana kwakadaro, zvingangoramba kuzviita. Kana, kana akamanikidzwa, anozvitengera imwe foni isina antivirus.
Firewall
Pasi pezita iri pane mabasa matatu:
- Kuunganidzwa kwehuwandu hwekushandiswa kwetiweki, yakakamurwa nekushandisa uye network mhando (Wi-Fi, cellular opareta). Vazhinji vagadziri vemidziyo yeAroid vanopa ruzivo urwu muApp Settings. Kuidzokorora munharembozha antivirus inoita kunge isingashande. Aggregate ruzivo pamidziyo yese inogona kufarira. Inounganidzwa zvinobudirira uye kuongororwa neUEM masisitimu.
- Kudzikamisa mobile traffic - kuseta muganhu, kukuzivisa iwe kana yasvika. Kune vazhinji vashandisi vemidziyo yeAroid, aya maficha anowanikwa muApp Settings. Kuiswa kwepakati pezvirambidzo ibasa reUEM, kwete antivirus.
- Chokwadi, firewall. Kana, nemamwe mazwi, kuvharidzira kupinda kune mamwe ma IP kero uye zviteshi. Tichifunga nezveDDNS pazvinhu zvose zvakakurumbira uye kudiwa kwekugonesa VPN nokuda kwezvinangwa izvi, izvo, sezvakanyorwa pamusoro apa, hazvigoni kushanda pamwe chete neVPN huru, basa rinoratidzika risingashandiswi mukushanda kwekambani.
Wi-Fi simba regweta cheki
Nharembozha antivirusi inogona kuongorora kuchengetedzeka kweWi-Fi network kune iyo nharembozha inobatana. Zvinogona kufungidzirwa kuti kuvapo uye simba re encryption zvinotariswa. Panguva imwecheteyo, mapurogiramu ese emazuva ano anoshandisa encryption kuendesa data inonzwisisika. Naizvozvo, kana imwe chirongwa chiri panjodzi padanho rekubatanidza, zvakare zvine njodzi kuishandisa kuburikidza nechero nzira dzeInternet, uye kwete chete neruzhinji Wi-Fi.
Naizvozvo, yeruzhinji Wi-Fi, kusanganisira isina encryption, haina njodzi uye haina kuchengetedzeka zvishoma kupfuura chero imwe isina kuvimbika nzira yekufambisa data isina encryption.
Spam Dziviriro
Dziviriro, semutemo, inosvika pakusefa mafoni anouya zvichienderana nerondedzero yakatsanangurwa nemushandisi, kana zvinoenderana nedhatabhesi yevanozivikanwa spammers avo vasingaperi kunetsa neinishuwarenzi, zvikwereti uye kukoka kunhandare. Kunyangwe vasiri kufona panguva yekuzviparadzanisa nevamwe, ivo vachakurumidza kutanga zvakare. Kufona chete ndiko kunoenderana nekusefa. Mharidzo pazvishandiso zveAroid zvazvino hazvina kusefa. Tichifunga nezve spammers vanogara vachichinja nhamba dzavo uye kusakwanisa kwekudzivirira zvinyorwa zvemashoko (SMS, pakarepo vatumwa), kushanda kwacho kunowedzera kushambadzira pane hunhu hunoshanda.
Anti-kuba
Kuita zviito zviri kure nenhare mbozha kana yakarasika kana kubiwa. Imwe nzira yekutsvaga My iPhone uye Tsvaga Chishandiso Changu masevhisi kubva kuApple neGoogle, zvichiteerana. Kusiyana nemaanalogues avo, masevhisi evagadziri veantivirus haagone kuvharira mudziyo kana anorwisa akwanisa kuigadzirisa kune fekitori marongero. Asi kana izvi zvisati zvaitika, unogona kuita zvinotevera nemudziyo uri kure:
- Block. Dziviriro kubva kune mbavha ine pfungwa dzakapfava, nekuti inogona kuitwa nyore nekugadzirisa zvakare mudziyo kune fekitori marongero kuburikidza nekupora.
- Tsvaga kurongeka kwemudziyo. Inobatsira apo mudziyo wakarasika nguva pfupi yadarika.
- Batidza beep kuti ikubatsire kuwana mudziyo wako kana wakanyarara.
- Reset mudziyo kune zvigadziriso zvefekitari. Zvine musoro kana mushandisi aziva kuti mudziyo wakarasika zvisingaite, asi usingade kuti data rakachengetwa pariri riburitswe pachena.
- Kugadzira mufananidzo. Tora mufananidzo weanorwisa kana akabata foni mumaoko ake. Chinonyanya kunetsa ndechekuti mukana weanorwisa anoyemura foni muchiedza chakanaka wakadzikira. Asi kuvapo pachigadzirwa chechishandiso chinogona kudzora chinyararire kamera ye-smartphone, kutora mafoto uye kutumira kune server yayo kunokonzera kunetseka.
Remote command execution yakakosha mune chero UEM system. Chinhu choga chinoshaikwa kubva kwavari kutora mifananidzo iri kure. Iyi inzira yechokwadi yekuita kuti vashandisi vatore mabhatiri kubva mumafoni avo voaisa mubhegi reFaraday mushure mekupera kwezuva rebasa.
Anti-kuba mabasa mune mobile antiviruses anowanikwa chete kune Android. Kune iOS, chete UEM inogona kuita zviito zvakadaro. Panogona chete kuve neUEM imwe chete pane iOS mudziyo - ichi chinhu chekuvaka cheIOS.
zvakawanikwa
- Mamiriro ezvinhu umo mushandisi anogona kuisa malware parunhare HAZVI ZVINOGARIRA.
- Yakanyatso gadziridzwa UEM pane yekambani mudziyo inobvisa kudiwa kweantivirus.
- Kana 0-zuva kushaya simba muhurongwa hwekushanda kuchishandiswa, antivirus haina maturo. Inogona kungoratidza kune maneja kuti mudziyo uri panjodzi.
- Iyo antivirus haigone kuona kana kusazvibata kuri kushandiswa. Zvakare nekuburitsa chigadziriso chechinhu icho mugadziri wacho haachabudisi zvigadziriso zvekuchengetedza. Kazhinji igore kana maviri.
- Kana tikafuratira zvinodikanwa zvevanodzora uye kushambadzira, saka emakambani enharembozha anodiwa chete pamidziyo yeAroid uko vashandisi vanogona kuwana Google Play uye kuisirwa zvirongwa kubva kune wechitatu-bato masosi. Mune zvimwe zviitiko, kubudirira kwekushandisa antiviruses hakusi kupfuura placebo.
Source: www.habr.com