Threat Level: green Handler on Duty: Russ McRee

SANS ISC InfoSec Handlers Diary Blog


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!

Cyber Security Awareness Tip #8: Anti-Virus, Anti-Spyware, and Other Protective Software

Published: 2007-10-08
Last Updated: 2007-10-08 23:03:25 UTC
by Tom Liston (Version: 1)
0 comment(s)

Perhaps the single most important line of defense available for your computer today is a good, up-to-date anti-virus program.  Anyone who uses a computer in this day and age without adequate anti-virus protection enabled is simply asking for disaster to strike.

Anti-spyware software works to do much the same stuff as anti-virus software, but it targets a different class of malicious code – malware with a business model.

Together, these programs fall into a class that, for the remainder of this diary entry, we’ll refer to as “anti-malware”.

While anti-malware vendors go to great lengths to try to differentiate their products, touting various tests that prove that their software is the best, when dealing with typical end-users, I tend toward a rather more pragmatic selection method:

Choose an anti-malware program that you’ll use.  Choose something that you understand and that you feel comfortable with.  Choose a program that you can figure out how to keep updated.  Don’t worry about anything else: just choose something you’ll use.

Because, you see, these anti-malware programs create a sort of software Maginot Line to keep the bad stuff off of your computer.  If you choose software that someone else thinks is best, and you can’t figure out how to use it, then best or not, it won’t do you any good.

All anti-malware tools all suffer from neglect.  New malicious software is created every single day, and in order to be able to recognize these new programs, anti-malware software needs a constant supply of “signatures” – information that helps it recognize the bad stuff.

That’s why, more important that any or all of the features that anti-malware vendors want to sell, being able to actually use and update your anti-malware program is the most important feature of all.

Keywords:
0 comment(s)
Diary Archives