Malware

Determining which antivirus application consultants should load

IT consultant Erik Eckel shares the four steps he usually follows when recommending antivirus software to clients.

Antivirus software is one of the few exception-free applications IT consultants should ensure is installed, licensed, and updated on all clients' Windows servers and workstations. The big question is: Which antivirus products should you install?

Cost is one concern

Cost is a predominant client concern. Despite the fundamental requirement for antivirus software, consultants frequently must convince business owners that investing in licenses and installation labor is an intelligent purchase. Consultants should help clients understand antivirus software's value by reviewing the returns it provides. If no antivirus software or a less expensive but less effective antivirus solution is deployed, the resulting downtime and system repair costs following a malware infection will easily surpass those of deploying a solid antivirus product.

Some antivirus manufacturers are more aggressive in offering discounts to consultants. That means the consultant will generate more revenue selling that vendor's software. In other cases, a consultant may find a competing brand proves more effective, but due to costs structures, the consultant will generate less revenue selling that product.

Still other antivirus vendors (such as CA) offer antivirus clients that can be installed on Windows servers. Others, such as AVG, state the client antivirus engine is incompatible on servers, thus forcing businesses to pay for more expensive server-based coverage when, in fact, all the business owner really desires is basic antivirus coverage on a file server.

One fact is certain: Free versions of popular antivirus programs, such as those from AVG, Avast, and Avira, should never be installed at commercial or nonprofit client sites. It is almost always a violation of the license agreement; free versions usually don't update virus signatures as often (an important concern within business environments where multiple systems are heavily used each workday), and other critical features (such as AVG's antirootkit functionality) are missing from the free, consumer-grade versions.

Functionality is really the key

Antivirus software margins ultimately shouldn't matter. Consultants should recommend antivirus solutions to clients based on what will work best for the client. Frankly, that's not always the same product.

Here's an example: Client A is a service company that employs skip trace checkers. These employees are charged with tracking down customers who have reneged on payment and possibly fled town with unpaid goods. These skip trace checkers will travel to any possible Web site attempting to locate leads on these individual's whereabouts. That means a lot of time spent on MySpace, Facebook, and similar sites. Further consider that the office consists of seven or eight Windows client workstations with no server or special firewall.

Client B is a medical practice with 55 staff using Windows client systems tightly locked down by server-based group policy restrictions. Further consider that the users' Internet sessions are tightly monitored and protected using a perimeter-based Web filter.

The same antivirus solution may not be appropriate for both clients. In fact, client A likely needs the strongest antivirus product available, even if the product requires manual installation and configuration at each workstation. Client B would likely be better served by a centralized antivirus solution that can be automatically pushed to all workstations, even if the antivirus platform provides only basic coverage, as multiple other protective methods are in place.

In a nutshell

When recommending client antivirus software, there are numerous solutions available to consultants. Typically, I follow these steps:

  1. Ignore software margins.
  2. Consider client objectives.
  3. Factor existing infrastructure.
  4. Recommend a solution to best meet client needs.

I'm curious to hear what other IT consultants think. Do you share the same mindset, or do you follow different rules? Post your comments below.

More about antivirus software on TechRepublic

Get weekly consulting tips in your inbox TechRepublic's IT Consultant newsletter, delivered each Monday, offers tips on how to attract customers, build your business, and increase your technical skills in order to get the job done. Automatically sign up today!

About

Erik Eckel owns and operates two technology companies. As a managing partner with Louisville Geek, he works daily as an IT consultant to assist small businesses in overcoming technology challenges and maximizing IT investments. He is also president o...

15 comments
rwparks.it
rwparks.it

The gist I get from the article is that there's no magic cure-all that'll suit every need. Be customer-oriented. Certain clients need solutions that accomodate their culture, environment, and budget. But I would stress that some Not-So-Best-Business-Practices have their risks. It's like the clothing store who couldn't justify paying for flood insurance; they lost everything when a tropical storm hit (true story).

animoid
animoid

I work with a client where I have recommended no antivirus or security policy. All passwords are the same for all logins and systems, and everybody knows them. The direct benefit is that there are never any login problems, ever. Implementing and supporting security costs more than it actually delivers in benefits. So far so good and the customer is very happy with its simplicity.

Canuckster
Canuckster

I have also found that familiarity with a particular product goes a long way as there is less of a learning curve on the client's part. Or perhaps their experience has been negative and selling a particular option seems out of the question.

tbmay
tbmay

I push it hard. Save files on a server. Years of experience has taught me it's the only bulletproof solution. Policies, anti-virus, personal firewalls, etc.....all of them eventually are compromised and the clients, users, bosses, etc say, "I thought we had antivirus." Many users, especially non-management employees, despise it. I maintain your machine should either be for work or play, not both.

Erik Eckel
Erik Eckel

I have to wonder if animoid's post is serious. My consulting phones would ring nonstop if we were to follow the practices he describes. What happens when a company has a disgruntled employee? That staff member has access to everything. That's a recipe for disaster. Antivirus is just an absolute necessity for Windows environments. The BBC has conducted tests showing that unprotected Windows systems, connected to the Internet, become infected in less than 10 seconds. Firewalls, strong AV and strong antispyware software are the only solution I've seen work for multiple clients. That, and strong passwords.

mafergus
mafergus

Just waiting for the implosion. I just hope there is some layered defense running on the servers and that their mail and web are hosted somewhere. I have a hard time seeing even if data is safe that you don;t run a risk of client computers getting corrupted and heaven forbid someone gets the lone password. That would keep me awake at night.

dave
dave

"Implementing and supporting security costs more than it actually delivers in benefits" I'm racking my brain to think how you can justify this statement. All I can come up with is that the client in question has no web connection, or operates a 24hr ghosting policy. In my experience, where there is an internet connection, viruses WILL follow. Although viruses may not destroy a client's data, it doesn't change the fact that it will directly affect their productivity: - Slowing down of PCs and networks. - Frustration with pop-ups. - System instability. And then there's the fact that company secrets could be walking out the door... And that is all ignoring the fact that while a PC is infected and connected to the internet, it will be actively attacking others... Oh, by the way, that means us! Recently, I've been seriously considering the possibility of going in completely the opposite direction; offering all anti-virus- and virus-related installation, support, removal, etc., completely free of charge. I'm still weighing-up the pro's and con's, and trying to work out all the implications. There is the question of clients becoming more lax about security, or whether user-inconvenience is sufficient incentive. I'm sure we will need to integrate some extra training anyway, if only to educate users about blame allocation. On the whole, I think I'm quite keen on the principal.

Bogdan Peste
Bogdan Peste

Did you also disable the USB ports so no one can plug in a memory stick containing a worm/virus? No security policy = autorun enabled by default and all websites are permitted. I see this working for a 5-20 employees firm, no remote VPN access, a good, REALLY good backup solution, all sensitive data on a remote file server and very happy employees that never disagree with management and potentially wipe out every document he may access.

Ron K.
Ron K.

All of the security software on the planet is only as good as your most recent, clean, backup image. How often have we at TR seen someone show up desperately needing to recover 'irreplaceable data' and say that they don't have backups, not even a UFD? Having a clean backup to restore means they'd be back up and running in very little time. Even all of our home computers have Acronis backup on them. I can restore mine in 15-17 minutes. I can't even load Windows that quickly, much less the other 148/149 programs on here. Servers would undoubtedly take longer to restore but building them from scratch would take longer yet.

tbmay
tbmay

...clean them up for free you can bet they'll become more lax. I encourage the clients to be pro-active. Many decide not to. Some have dealt with the consequences and some of them were still mad about the inconvenience and the bill. As another poster said in another thread, users tend to just want these things to magically turn their intent into reality. I really don't know why so many people have that idea but I've sure seen it.

tbmay
tbmay

I don't use Windows on file servers (or any server if I have a choice). One of the biggest reasons is just what we're talking about. Centurion on the workstations. This has the same effect as imaging the machine every time it's turned on, only it's much faster. As I said, it's often unpopular but the clients can make the investment or deal with lost productivity and PC repairs. I inform the manager this will not be popular with the employees; however, it honestly is the best solution. I worked in environments where we spent copious amounts of time fiddling with policies, filtering the web, and looking for the magic AV program and none of them were 100%. Even with hd protection, they can still infect the machine. It will just be gone once the machine is restarted.

tbmay
tbmay

With the price of hardware these days a server is just about a no brainer. If a business has 3 or more machines, it's a smart investment. I support clients via VPN and sometimes image the machines remotely. I prep a linux based boot disk and hold the images on their network server. They get a price break for my not having to drive. I support some businesses 50 miles away. As far as the hard-drive protection, it may not really be necessary for you as I suspect you're savy enough not to need it. Most of my clients simply don't have employees who won't mess their machines up. In some cases that's a ready-made excuse not to get their work done too. I recommend hd protection to ALL of my small business clients. Sometimes there is resistance. Sometimes they change their minds after dealing with the consequences. The key is, ethically, to present the options. If they have to pay me (or somebody else) for something that would have been prevented if they would have taken my advice, I have a clear conscience when I send the bill.

Ron K.
Ron K.

I've thought about it but there's no room to plug it in. It's a small network, after all. I was interested to read about Centurion. Thanks for mentioning it. If I get a wild-hair I'm going to try Deep Freeze on my computer, even though we have weekly backup images. DF is kind of an instant backup. Reboot and go.

tbmay
tbmay

I've never personally used it but I'm sure it's fine too. I'm just familiar with Centurion so it's what I recommend. Often I split partitions, if there could be reason for storing anything locally. (Favorites and bookmarks come to mind...pst files, etc.) However, I discourage local storage and point their documents storage to their server share. As was said, good images (drives do die even with hd protection), hd protection, and decent lan server will keep small businesses productive with few problems.

Ron K.
Ron K.

http://www.faronics.com/en/default.aspx I'm considering it for our home computers and will just leave the data area 'unthawed'. I'll try it first and if it's easy for me I know that I can train my other uses on it.