Malware: Safe Computing in a Dangerous World

Malware is an ongoing and widespread issue. Platforms previously considered relatively safe (Mac) are now getting targeted at an increasing rate.
[Discussed an example where a keylogger was found on a Stanford machines - web site in China selling SUNet IDs to get into PubMed for free]
As a minimum, essential Stanford software (Sophos, BigFix,..) should be installed on all desktops/laptops. For most Departments, users can self-register machines on the network. During this process, they are prompted to install SDT, Sophos, etc. and then receive automatic updates for site-licensed Stanford software.
Sophos does miss malware, as does any other AV software. When a machine appears to be infected without Sophos having quarantined any files, Malwarebytes free, standalone version has proven to be helpful.
Recommend users reformat USB flash drives after a couple of uses to decrease risk of transferring malware from computer to computer, especially if the USB stick has been used outside Stanford.
Educate users about responsibility to protect their devices and the Stanford network, issues with a machine need to be brought to the attention of IT staff (Administrative Guide Memo).
Personally owned equipment has to be kept patched, encrypted, etc. like Stanford-owned machine if used for work, to access Stanford resources.