The havoc caused to British business by the latest e-mail virus will cost at least £500,000 in lost production, according to the Institute of Chartered Accountants' IT Faculty.

Much of which could be easily reversed, according to IT spokesman, Dr Paul Booth.

"Good information management can help in the fight against computer viruses and other threats to security. It is not something that can be left to chance. Time after time people are ignoring simple housekeeping measures and leaving themselves open to the misery of an attack," he says.

The Faculty's five-point plan to remember is:

  • Preparation

Be prepared for attacks. Basic things such as regular and sound backups of data are vitally important in case of an attack by a destructive virus. If data loss occurs, backups make it possible to restore the system's efficiency.

A clean, write-protected, boot disk is an essential part of the virus recovery procedure. A separate clean boot disk is required for each operating system

Have a contingency plan to put into action if an attack does happen. This would list the person in the business that is responsible for dealing with the computer system.

  • Prevention

Buy the best application software you can afford, to guard against attack or update your present system; consider installing a new operating system and simplify your communication channels. Remember the greater the inbound traffic the more opportunity a virus has to enter the system

Make sure that everyone in the business knows of the dangers unauthorised software or downloads can do to a system. Educating your workforce about the dangers of using free software and downloading files from the Internet is a matter of common sense.

  • Detection

Effective virus detection is the main defence against a virus entering a computer system and is also an essential tool if a bug manages to skip initial virus prevention software. Because of the rate at which viruses occur it is vital that anti-virus software is updated on a regular basis.

  • Containment

If a virus is detected, infected items must be identified and isolated. A contingency plan prepared well in advance is invaluable. A point-by-point checklist makes it less easy to forget an important action if a virus strikes. Some of the key issues to be addressed should include:

Depending on what the virus is and where on the network it has been discovered, physically disconnecting PC's from the network

Any unauthorised disk use between PCs should be suspended. Putting masking tape over disk drives is a good way to show that drives should not be used.

All floppy disks should be protected by opening the write-protect shutter to ensure that no data can be written to the disk.

  • Recovery

Recovery from a virus attack involves

Identifying what is infected. This depends on what areas are infected. Use detection software to determine the virus type and the area infected. It is vital to locate all infected items. Just one remaining item can restart the infection.

    • Eliminating the bug by consulting the software to confirm the procedure for a specific virus.
    • Recovering the system from any virus side effects. This depends on the bug. In the case of innocuous viruses such as Cascade, recovery from side effects isn't necessary, while in the case of a virus such as Michelangelo; recovery will involve the restoration of the hard disk.

"In the past year computer systems have been threatened with hacking, viruses, criminal attacks and fraud. These attacks can be countered against somewhat by installing suitable security and educating the workforce. Following our plan can prevent costly problems," added

The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.