Virus protection software has undergone significant change since it came to market 30 years ago. As threats have evolved, so have the tools and software businesses need to put in place to protect themselves. But is anti-virus still an adequate means of defence? Recent events such as the high profile ‘Wannacry’ ransomware attack, which apparently evaded traditional anti-virus protection to affect more than 400,000 devices, have not helped to reassure us that this basic level of protection is worth having.
The answer, in short, is that anti-virus is still a vital tool to protect your business, but it shouldn’t be the only means of defence, and you should use it wisely. Although it’s apparent ‘failures’ to withstand malware and ransomware attacks have damaged its reputation, anti-virus has moved rapidly with the times, from its infancy when fraud and crime via the internet were a rarity, to now, where it has been adapted to include elements of machine learning and behavioural analysis, to help understand how users interact with their devices. It’s also evolved to scan the multitude of different applications and files we now access; but often, users will become impatient at how long this takes, and cancel the process.
So why is anti-virus still a worthwhile tool? Despite all the apparent ‘holes’, and the ever- present threat of evolving strains of malware and ransomware, anti-virus, used properly, can offer the best first line of defence for a business. It’s vital that regular updates and scans are done, and that users don’t ignore these reminders.
Automatic updates are a good idea, as they will ensure your business isn’t reliant on a user to click ‘update’; the risk that they might not is too great. It’s also important that you invest in the full, paid versions of anti-virus software. The free tools often give only a taster of the necessary protection, often for a limited period, which can mean your systems are left unprotected without you realising.
Software providers are helping to tackle the threat; the likes of Apple and Microsoft have introduced features such as gatekeeping (helping to protect devices from apps which could adversely affect them), sandboxing (a security mechanism for separating running programs, often used to execute untested or untrusted programs or code from unverified or untrusted third parties and websites, without risking harm to the host machine or operating system), address space layout randomisation (a technique which prevents hackers from reliably jumping to a particular exploited memory function, by randomly arranging address space positions of key data to ‘confuse’ them) into their operating systems. Microsoft have also made a huge number of security enhancements to their latest release of Windows 10.
As previously mentioned, user training is very important to make sure you get the most out of the protection you have, and that employees aren’t unwittingly compromising the safety of your company. As well as enforcing automatic virus software updates, also educate your team on good, basic security practices such as avoiding clicking on potentially untrustworthy links, downloading email attachments they’re not sure of, or clicking links in emails. Although there are tools to help manage this (mentioned below), it’s far better if you can minimise your business’ exposure to the risks initially.
Web protection is a great partner to anti-virus; it locks malicious or suspicious websites, links in emails or files, and prevents them from being opened. Combining anti-virus and web protection is pretty cost effective for a small business too, starting from £3 a device. When you consider the substantial cost of a data breach to your business (estimated at around £1380 for each small business), this is a small price to pay to protect your business from the damaging consequences of cyber- crime.
Andy Hinxman is director of Keybridge IT.