Why Antivirus Software Isn’t Enough

Gone are the days when the only way to infect your computer with a virus was by clicking on an infected email attachment. As the internet and computers have evolved, so has the malware that makes our computer lives miserable. Hackers and cyber criminals are more cunning and sophisticated than ever, finding new ways to infect computers and steal valuable data.
Think you’re safe because you’re using the latest and greatest antivirus software? Think again. We’ll show you why antivirus software, once the saving grace of cyberspace, is no longer enough to keep your systems safe.

Antivirus Only Protects Against Known or Predictable Threats

Antivirus products are designed to recognize and eliminate “known” malware threats by matching suspicious software with a database of digital signatures. In other words, unless the antivirus software has seen a particular threat in the past, it won’t necessarily protect your computer.

Recent developments have improved the effectiveness of antivirus software by providing solutions beyond simple signature-based detection. These additional components attempt to detect suspicious behavior, such as when a program attempts to change system registry settings or causes buffer overflow. But, this extra protection is generic at best and still only protects against threats that are inherently predictable.
In many cases, determined cyber criminals will test their malware on a computer that runs antivirus software and continue to perfect it until it is no longer perceived as a threat. This ensures that their malware deployment will succeed on many computer systems until an update to popular antivirus software programs is introduced.

It’s Only as Good as Its Last Update

Antivirus software depends heavily on a database of known malware components to provide protection. In order to continue to work properly, this database needs to be updated frequently, so the program can protect against the latest threats.
This situation presents two problems:

  1. Users may not update their antivirus software regularly, leaving themselves open to the latest threats.
  2. New threats appear almost every day, making it difficult for antivirus software makers to provide updates quickly enough to avert every problem.

Antivirus Software Doesn’t Prevent Human Error

The human factor is still the greatest threat when it comes to computer security. The fact is, antivirus software cannot protect users from themselves.  Countless malware infections happen everyday due to simple user actions such as:

  • Clicking links in emails from unknown sources
  • Failing to use care when clicking on website links
  • Downloading unknown software
  • Mistakenly providing sensitive data to unfamiliar websites
  • Disregarding security warnings

While your antivirus software may offer partial protection against some of these actions, companies should work to minimize the effects of human error by properly educating employees about safe internet and computer security practices.

There are More Pieces to the Security Puzzlesecurity puzzle

While antivirus software is still a powerful weapon in your security arsenal, it can’t do its job without help. Even officials at Symantec, one of the world’s leading providers of antivirus software, agree. In response to a report that hackers broke into the New York Times’ network while relying on the security protection from Symantec’s antivirus products, Symantec officials released this statement:

“Turning on only the signature-based anti-virus components of endpoint solutions alone are not enough in a world that is changing daily from attacks and threats. We encourage customers to be very aggressive in deploying solutions that offer a combined approach to security. Anti-virus software alone is not enough.”

The best approach to computer security combines layers of protection to discourage hackers and keep computer systems safer. Here are four additional strategies that will help.

1. Keep Operating Systems and Software up to Date

One of the most common ways hackers launch attacks is by exploiting vulnerabilities in operating systems and popular software packages such as Microsoft Office, Adobe, Flash or Java. Downloading the latest patches and updates removes these vulnerabilities and provides additional protection.

2. Firewall Software

You will want a business class firewall to keep your company data protected. Business class routers have extra features available like spam filtering, antivirus, intrusion prevention, and more. You won’t find enterprise firewalls in your local brick and mortar store like you would with personal firewall software, so don’t skimp on protecting  your network and data by getting a firewall that doesn’t have all the features you need for your business.
One of the most common issues we see with businesses that use firewall software is that they don’t change their default login. Always change your password from the default after you have set it up.

3. Encrypting Informationencryption lock

Even when hacker attacks succeed or viruses infiltrate your system, encrypting your files can make information useless if it is stolen from your computer.
Consider encrypting sensitive files that contain intellectual property, proprietary company files, confidential data and trade secrets.

4. Password Management

Companies should institute strict password protocols to prevent unauthorized access to network resources and sensitive data. Passwords should be at least eight characters long, contain numbers, special characters and both upper and lower case letters.
In our ever-changing world, it’s more important than ever to stay on top of the latest security threats and employ innovative solutions to keep your systems safe. While antivirus software is no longer the only solution available, the good news is that innovative companies are developing new solutions every day to combat today’s threats and those of the future.
No matter what your security solutions are, you should always have an off-site backup solution for your business data. There’s nothing worse than losing company data.
What is your company’s security strategy?