Security

Is security software your best protection?

There's a lot of software out there that promises to make our computers safer, and everyone has their favorites. Corporations need these utilities to protect their investment, but can we reasonably expect these tools to protect users who can't&#8212or won't&#8212protect themselves?

Last time, I tossed out a few of my favorite PC utilities for regular system maintenance. The discussion that followed was terrific! I want to thank you in the community for all of your responses. The comments were a treasure trove of additional tools, tools of all kinds. Lots of you mentioned the security utilities that you rely on. It's these types of programs I want to focus on this week.

There were some very visible names mentioned in the comments to my last post. Ad-Aware came up for malware protection, as did Spybot. Several people recommended anti-virus solutions like AVG and NOD32, and a few more affirmed their faith in client-side firewalls. I'll be honest with you, though. I don't run a lot of security software on my personal PC.

That statement smacks of heresy, I know. Don't get me wrong; this is my personal stance, not my professional one. In every list of best practices for Windows users, installing programs like these are job number one, and all the computers I manage in my office run a suite of security software that protects them. My honest feeling, though: software can't ever protect users from their own bad computing habits. The best way to protect a computer from malware isn't to scan for it, detect it, or scrub it. The best protection is avoiding computing threats in the first place.

I don't feel the need to run a lot of security software on my personal machine because I don't practice risky behavior. An empowered and responsible user is the best computing protection available. Sadly, it's often easier to install security software on the PC than it is to instill good sense in the user. Keep installing security software on your organization's PCs, that's the only responsible course for a support pro. Security software only treats the symptoms of bad computing habits, though. It would be better if we could treat the disease itself.

21 comments
graham.jappe
graham.jappe

Having used windows since the ice age, and having seen the development of anti virus, malware etc. It seems that the companies have a vivid interest in maintaining a market. Have you ever wondered, that some of those companies or their employees who develop the software could be writing the viruses in the first instance. Stick to Linux, it's much safer.

JCitizen
JCitizen

on their own turf! Many of my clients already know the internet is a wildwest proposition! But they aren't going to buy into the new modern devices and polices that actually make security software obsolete. They seem to want to weather the risk to gain a balance between easy functionality and in depth defense. Good grief I have a lot of them mad at me for using restricted user rights and turning off fast user switching! They eventually find an acceptable compromise. I couldn't tell them to stop using security software - they practice too risky behaviour as a matter of course. I can just advise them of that and try my best to mitigate the risky environment they insist on putting themselves in. I doubt Vista will make this obsolete but I will wait to see how my trial works. XP 64 already foils most bugs because they won't run on it; however the code writers have been around busting Server 2003 for a while, so paranoia still rules!

dsservice
dsservice

I agree with William Im the same way I have not run any security software for 4 years and had no problem. Education is the best way to prevent the problem in the first place,but very hard to make happen in the organization???s of any size. so software is the best way out at this time.

kg.klr.cia
kg.klr.cia

That is all true, I totally agree with you. Actually, I saw that NOT using an Anti-virus is way much better than using it. I liked NOD32 alot, it is my recommended Anti-virus, but I would rather have none. I used to have Norton Internet Security, and it caused alot of trouble to my computer. It caused many system files to get corrupted. Now I only use my brain to protect my self from viruses, I simply don't download any "specious" programs, I usually read alot of reviews about the program or the video game that I am installing to make sure it's free of anything that would mess up my computer.

tarak
tarak

For example, a password manager makes password policies easier to enforce since users don't have to remember them.

BALTHOR
BALTHOR

Now how can you top that!

NickNielsen
NickNielsen

I don't worry too much about on-line threats. Like you, I don't engage in random clicking of all links, I only download from trusted sites (as much as possible. When I visit a new site or download from a new site, I usually do it in the sandbox. My preference is for Sandboxie (http://www.sandboxie.com/). Edit: corrected link

williamjones
williamjones

I don't have any magic bullets here. There are a lot of ways that we can shape behavior through things like usage policies and access restrictions. We can try and educate users about the dangers inherent in risky computing behavior, but there's no guarantee that it'll take. Do any of you have personal accounts of how you've successfully convinced someone to ditch their risky ways?

JCitizen
JCitizen

Yeah, I've considered it, but then again, any company getting caught at that would be out millions/billions of dollars, permanent loss of reputation, and possibly a jail sentence for a CIO as the US Attorney General would pounce on that in a heart beat. It just wouldn't be worth it; especially since they catch plenty of maleware automatically in their honeypot servers, and don't have to pay anything to get it. IT people who are already paranoid about this field are too suspicious for the anti-maleware to get away with such a scam! And I am sure all such companies are well aware of it.

manwethegreat
manwethegreat

.....how many years ago? 30? +? You are quite correct. No one can top that these days, but viruses, like everything else have advanced far beyond those days, & any modern "virus" (or other malware) could probably run circles around that original antivirus & delete it! :p OK, maybe not, but I think the point is clear. We need a new way to combat malware these days, & yes, as has been stated many times by many people, user education is really the only way to do it. Anything else is forever playing catch-up. But yes, I use spybot, adaware & other such free tools regularly. Which reminds me, it's time for another scan :D

JCitizen
JCitizen

security software solutions. I just don't agree with the author because most people are going to practice risky behaviour or see it as a part of doing business. We know you don't go there.

oneoar51
oneoar51

The cost of saving data and reloading the system usually convinces my customers that "Nothing can protect you from a bad click".

50THZ
50THZ

were declared extremely outdated over a year ago by various independent testing labs ... look at independent lab reviews (which can change yearly, if not quarterly) before you determine which combination of programs to use! Of course, also practice safe surfing and email habits, but I always say, better safe than sorry. Myself, I'm preparing to dump Windows entirely on all our computers for Fedora w/Linux SE.

Nodisalsi
Nodisalsi

No record of success as yet - but I have a suggestion. Every time you are called to fix an office PC which has been compromised by spyware and malware - look for evidence of PC use which could be potentially embarrassing to the user(s). Games and Screensavers which insert trojans and spyware are evidence of time-wasting in the shop or office. Adult material is evidence of odious - and potentially *illegal* - behaviour on the PC. Also, draw attention to Data Protection laws if sensitive information is within the scope of spyware and trojans. While fixing things and uncovering this material, bring up images from the cache - for all to see - and say out loud the time and date it was planted. Do your best to make the perpetrator of the compromise feel awkward - and have no reservations about getting them formally disciplined by their employer along the way. Home users can't be disciplined - but if you tell them that a compromised PC on a broadband connection or with a webhost account which isn't password locked could be used to host paediophile data... that should motivate them to lock up their behaviour.

NickNielsen
NickNielsen

I'm glad to hear that. It means HideMyHistory works! :^0 Edit: splelnig

Photogenic Memory
Photogenic Memory

There's nothing wrong with them and they're still continually updated. There's also nothing wrong with submitting a list of programs to use if you need advice on how to combat spyware, malware, addware, whatever, etc. Also safe surfing isn't always possible considering all the fakes and phoneys scams and sites out there in the virtual world. Also Fedora Core 7 may be more secure but Linux boxes get rooted too. And you should run a virus scanner on it just like Windows.

JCitizen
JCitizen

If they are truely "independent" labs then the only way I could believe a statement like that would be if you were using gateway appliances. I think many of those "labs" assume every SMB uses restricted group policy and user control or data encryption or many of the better technologies now available and they don't. I support cheap small businesses and home users and they won't go this route so I use the free stuff; if they like it, they go by the EULA and purchase the cheaper enterprise license for SMBs. I test these "old outdated" utilities in my own machines at my office, and I find nothing outdated about them at all. I constantly double check the safety of this by evaluating paid solutions that ARE rated top dog by the "independent" labs and I find no security breaches or stray maleware files. I find it incredible that anyone would call the free version of NOD32 outdated - BTW it is in 64bit now too!