Anti-virus software alone is not enough

“Anti-virus software alone is not enough”… so says the number one antivirus provider, Symantec, in this post. A rather stunning admission, I would say, and something many in the security industry have known for quite some time.

The admission comes on the heels of the successful infiltration of the New York Times by Chinese hackers in late 2012. The Times reported that of the dozens of pieces of malware infecting the computers, Symantec detected only one. In their defense, Symantec noted that the Times was not using the reputation-based technology (known as heuristics). Still, they concluded with the statement that began this article.

Thom Infotech recommends a comprehensive five point strategy:

  1. Patch Management – Nearly every computer virus or malware infection gains entry into a computer by means of unpatched flaws in the computer’s operating system or the third-party applications installed on the computer. If you or your IT provider are not maintaining your patch levels, then you’re a sitting duck. Our patch management tools automate this critical pillar of computer security.
  2. Email Security – Since most exploits rely on infected websites, hackers are working overtime to trick you into clicking a link that directs you to a website containing the programs that can infect your computer. The most common way this is done is by sending out mass mailings that appear to be legitimate, but instead are cleverly crafted forgeries that contain links to the hacked websites. Our email security solution prevents the illegitimate messages from getting through to your inbox.
  3. Network Security – Constructing a secure perimeter is a critically important step in your computer protection strategy. As with ancient castles, you need a strong barrier between the outside world and your private network. Furthermore, you need a competent gatekeeper to oversee the traffic entering and leaving your network, making sure unwanted intruders stay out and valuable internal data stays in. A $100 electronics store router cannot be trusted with this critical gatekeeping task. Thom Infotech recommends business-class Unified Threat Management (UTM) firewalls with up-to-date subscriptions to augment the previous measures and more fully secure your network.
  4. Antivirus Software – Despite the title of this post, we still recommend antivirus software. Specifically, Thom Infotech recommends managed antivirus software that protects your computers and servers under the watchful eye of your trusted advisor. What good is your antivirus software if nobody is paying attention to it – making sure it’s up to date and receiving alerts about detected threats? Our antivirus software reports to our network operations console 24x7x365, alerting us to threats as they occur.
  5. Disable or uninstall unneeded third-party software – Always use a web browser (such as Firefox or Chrome) that allows the disabling of plugins such as those from Adobe (Acrobat and Flash Player) and Oracle (Java). You can also ask to be prompted to run those apps, which would allow you to have them while lessening your exposure to the inherent risks. Still, if you don’t use Java, get rid of it. It’s not worth the risk.

A literal “all of the above” strategy will go a long way toward keeping you free of viruses and malware.