From top computer manufacturers to industry white papers to tech blogs, every resource consistently recommends antivirus software. While most systems come with native antivirus protection within the OS, it is generally accepted that a third-party antivirus package is also required. A number of excellent vendors offer these products, including Norton, McAfee, AVG, and more.
But recently, more cyber security experts are saying that antivirus protection is unnecessary within the business environment. It is incapable of stopping today’s sophisticated attacks (such as the advanced persistent threats leveled regularly against government and business organizations). Is antivirus software still necessary? Should you still bother with all those time-consuming updates? Here’s what today’s IT help desk needs to know.
Antivirus is Insufficient for Today’s Business Systems
Antivirus software is notoriously ineffective in stopping much more than the basic, low-level attack. While it catches the majority of viruses and spyware, it does not stop sophisticated attacks like keylogging, backdoor attacks, rootkits, etc. The fact is, the bad guys have antivirus software, too, and they use it to test their attacks and make sure current versions aren’t picking up their malware. So, can you scrap it altogether?
Where Antivirus Fits Within the Security Infrastructure
Even though antivirus software can’t stop all threats, systems without this protection still become infected with malware at a higher rate than systems with it. Scrapping antivirus isn’t the answer; the solution is using this software as part of a multi-layer system of protection. Besides, failing to use an accepted and affordable antivirus program puts you at risk of legal problems. How could you explain a failure to use such basic and widely accepted protection? In many cases, businesses would also find themselves out of compliance with industry regulations.
Today’s security infrastructure requires three levels of protection: an antivirus solution plus a layer of endpoint protection, combined with incident response. The first two levels offer two tiers of protection, but in today’s IT environment, it’s safe to assume that some attacks will break through despite the help desk’s best efforts. An incident response level is necessary so that attacks can be detected quickly and stopped effectively.
The more layers you add to the IT security infrastructure, and the more varied and sophisticated these layers are, the less likely it is that malware developers will find a way through it. Also, think in terms of security when buying any type of new software package, including IT asset management software, accounting apps, content management systems, etc.
Remaking and Rebranding Antivirus Products
Unfortunately, established cyber security brands such as those mentioned before are often associated with the older antivirus protection that is no longer so effective, while a number of new brands have emerged, identifying themselves with more comprehensive and robust security solutions.
What’s important to remember when shopping for security solutions is that most of the established brands have already updated their products to include these new technologies. Consumers still think of them as antivirus only, failing to realize that these packages offer much more. Some other features to look for when shopping for enterprise-level security packages include:
- App whitelisting
- App privilege management
- App integrity protection
- Endpoint execution isolation
- Endpoint visibility control
The more features and technologies that are incorporated into your multi-layer security infrastructure, the more protected you will be.
About Brandon Wolfe