Anti-Virus Alone Is A Poor Strategy

Computer viruses and other malware, such as worms, trojans and spyware, are rife and can cause tremendous damage to systems that become infected. Because of this, anti-virus (AV) technology is one of the most commonly deployed security controls, used by the vast majority of computer users, from individuals to large organisations. According to the 2009 CSI Computer Crime and Security Survey, more than 99% of respondents have AV technology deployed.

Having been on the market for some years, there are a wide variety of choices of AV technology, from standalone tools to AV bundled into security suites that integrate a variety of other security controls. Many standalone tools are offered for free and provide just basic protection. According to OPSWAT Inc, in its Worldwide AV Market Share Report of June 2010, free AV tools account for 42% of the total market share.

Even with the use of AV technology being so widespread, malware infections were cited as the worst security incident faced by respondents to the CSI survey and are growing in number and complexity.

This is borne out by the Information Security Breaches Survey 2010 from Infosecurity Europe, which found that 62% of large companies had been infected with malware in the previous year, a threefold rise from 21% three years earlier, as had 43% of small businesses. Overall, malware infections were the cause of the worst incident faced by organisations of all sizes in the previous year.

Such malware attacks are growing in sophistication and complexity, often using variations of known exploits to get around defences previously put in place. Research published in mid-2010 by technology vendor McAfee shows that 10 million malware samples were entered into its database in the first half of 2010 alone, most of which are variants of known malware families. For example, it states that it is not uncommon to see more than 10,000 variants of Koobface, a worm that harvests information from users of social networking sites, in a single month.

The complexity of new malware can be seen in the case of the Conficker worm, which combines a set of advanced malware techniques to make it harder to remove completely. Often introduced into computer networks by infected removable media, it blocks access to anti-malware sites, disables automatic updates that could apply a patch against it, and kills any anti-malware protection installed on the device. Its authors are also known to test Conficker against commercially available anti-malware defences to ensure that it defeats them.

Factors like these mean that traditional AV, which relies on signatures to identify known threats and on patching, offers little protection. This leaves users in an endless cycle of updating their AV software with patches as they are released and cleaning up infections that have taken place, which often requires support from the AV technology provider. And here’s the catch: very few free AV products include any support from the vendor, and the cost of support can add up to a high price.

Plus, only some products provide detection that can recognise unknown threats from their patterns, leaving users with large gaps in protection. Many traditional standalone AV products, both free and paid versions, are also ineffective against new threats, which are often highly targeted and use a blend of mechanisms to deliver their payload more successfully. For example, a user can be sent a personalised phishing email that invites them to click a link that takes them to a website infected with malware. Many standalone AV products offer no protection against such attacks, as they lack controls to protect users from sites infected with malware or to provide proactive protection against phishing attacks.

Anyone who relies on old, standalone, signature-based AV controls is in danger of falling victim to an attack that could prove expensive. This is on top of the cost of cleaning up after an attack and the time and cost involved in patching devices or purchasing updated versions of the software. Javelin Strategy and Research estimates that more than nine million Americans have had their identities stolen through personal information harvested from internet applications or by other means.

According to the UK Home Office, identity theft costs the UK economy £1.2 billion per year.

That does not mean to say that computer users should not deploy AV controls. Rather, AV and other anti-malware technologies should be one component of a layered security defence, along with a host of other tools and services. These include a firewall and intrusion prevention capabilities, web filtering and blocking, email, phishing and spam protection, and, for consumers, parental control functionality.

These security controls should be integrated and managed through a central console or interface or, where the products are managed and maintained for the user, through a hosted service provider. To give computer users proactive protection against all threats, the provider should offer proactive intelligence services that identify previously unknown threats as they occur. For every computer user, whether home users, small businesses or large organisations, the cost of technology is a central concern, especially as budgets are under pressure. But these costs must be weighed both against the burden of maintaining existing AV controls, including upgrade and vendor support costs, and against the dangers of not having systems sufficiently protected. Upgrading to better protection can cost less than recovering from a security incident.

For many small businesses and consumers, a cultural change is required. The survey referenced above from Infosecurity shows that 83% of small organisations with fewer than 50 employees had experienced a security incident during 2009, up from 45% the year before. And the average cost of clearing up after an incident for such organisations ranged from £27,500 to £55,000. Clearly it is not just large organisations that are being victimised.

The key to lowering such costs is to purchase multi-tier protection. Rather than thinking that it is sufficient to place security controls to guard the perimeter of the organisation, the cultural change that is needed is to start thinking of security in terms of the assets that need to be protected: sensitive personal information, intellectual property and the like that can be used for financial gain.

Organisations of any size, and consumers alike, should look to gain an understanding of what impact the loss or compromise of such assets would have on their business or their personal life. Then they will be in a position to decide what controls need to be put in place to protect those assets from the whole gamut of threats facing computer users today. There are many hidden costs in anything that appears to be free or low cost and, in business, a bargain is rarely as good as it sounds.
