Small Business Defense – Anti-Malware (yes, again)

Microsoft recently released their Security Essentials product. This is a free anti-malware product, and analysts seem to think that it does a pretty good job at what it does.

However, I want to point out one thing that you probably already know: You get what you pay for.

Security Essentials is intended to be a lightweight anti-malware solution that competes against other free AV solutions. It does a decent job at protecting against the average threat and is certainly better than using nothing at all. However, it is a mistake to compare it to a professional anti-malware system. As SANS says, “Think of this as the AV as it used to be in 2000 or so.”

In short, if you are a home user and don’t care enough about your system to spend $50 a year to protect it, go ahead and use Security Essentials. However, if you are in a business environment, you need something that includes a firewall, behavioral detection, network access control, data loss prevention and central management (and more). Security Essentials won’t cut it.

Lastly, if you do decide that you want to try it out, be sure you download the right thing. There are search engine optimization attempts going on to make malicious software (fake antivirus) appear on the search results instead of the link you really want. The right link is http://www.microsoft.com/security_essentials/.

Review Review – ComputerWorld’s Free AV Wrapup

This week, ComputerWorld released a review of free anti-malware systems.  The conclusions were much as one would expect, mostly that the free stuff works OK but the pay stuff is probably better.  The free systems are ranked here, if you are so inclined.

So, really, there’s nothing new here.  However, I do want to point out a few things:

  • Only one system has phone support, and that costs $50 per instance.
  • Many of them fund themselves with advertisements.
  • Heuristic detection was pretty poor across the board.
  • None of them update very frequently.
  • Most of these companies have a for-pay version available as well.

I know that most of us are always looking to cut costs, but the sheer number of times that I have removed expired or non-functional anti-malware systems indicates to me that this is very important.  Do not scrimp when it comes to security software. The good stuff costs real money for a reason.

If there is a problem, a reliable company will take care of you. The goal of a business in this space should be to help you maximize your profits. Sure, they have to cover their costs and make a bit of profit themselves, but attitude is extremely important. If they approach the problem of “people don’t want to pay for anti-malware” with “let’s constantly distract the users with popup ads”, do you think that they have your interests at heart? If they charge as much for one support instance as it costs to buy a license with unlimited support, do they really want to help you? (And, do you think that they have an incentive to have you not experience problems?) If they make no distinction between “I am unable to login to World of Warcraft” and “I am unable to make payroll”, do you really want to work with them?

I mean no disrespect to ComputerWorld here.  I know that they serve both the consumer and business markets.  I know that there is a place for free anti-malware systems in the consumer space (though I think it’s quite small).  However, to answer the question “Can You Trust Free Antivirus Software?”, I’d have to answer unequivocally “no”. If you are in business, you should use a business-quality anti-malware suite.  Even if you’re at home, if your business requires you to use your home system, it should also be protected by a business-class anti-malware suite. 

Odds are that you know the cost of your time, and if you are unable to work because you get sick, you know what it’s worth to protect against that. That’s why we have health insurance (however it winds up being paid for in the U.S.). Similarly, if your computer gets sick, how will that impact you? Does your computer need health insurance too?

Mythic Monday – The Bunyip

Most folks in my culture don’t know much about the bunyip. That is, unless they saw Dot and the Kangaroo as an impressionable youth, in which case they had nightmares for years… but I digress.

According to Aboriginal legend, the bunyip lives in lakes and emerges at night to devour animals or people nearby. Like many monsters of this type, people were warned to avoid rousing the wrath of the bunyip, or they would be eaten alive. In short, if you left it alone, it would leave you alone.

The thing, though, is that the lake has a bunyip in it. You all know it. You may be able to fool yourself into a false sense of safety, but you all know that to retain that false sense of safety, there are things that you must do (or not do). In the case of the bunyip, it’s a simple matter of not going out at night and not going near water. (The rules are different in the Dreamtime, but this blog doesn’t dive into the minutiae of mythology (much)).

These days, most Western people disregard such monster stories. Our lives are such that we don’t need to invent such stories to explain away unknowns. When people vanish from our lives, they are much more likely to get hit by a car or die of old age than they are to mysteriously vanish in the night. This doesn’t mean, however, that we don’t make up stories. Quite the contrary, we make them up all the time, in exactly the same way.

How many times have you felt like your computer follows a strange set of rules? Maybe there is an incantation you go through to make something start (The desktop icon doesn’t work, so you click the start menu, navigate to programs, go to “Microsoft”, click on “Word”, cross your fingers and hope it starts). Maybe there are things that you do differently in your life (Don’t use that computer to access the Internet, it’s too slow, use the laptop from work instead.)  Maybe you just warn others away from that particular system.

Maybe there’s a monster in your PC.

In the security field, we assign all sorts of names to these monsters: virus, worm, trojan, rootkit, backdoor, etc. We do this because, as monster hunters, it helps us to know what sort of creature we may be facing. It makes it easier to communicate tracking and hunting techniques. And sadly, just as in the stories, the monsters often win. Just when we think we have them figured out they turn out to have friends or be aligned with a trickster of some sort, then they come after us in force. It can be quite demoralizing.

However, we’re the experts. If we are so often stymied, what can you possibly do to protect yourself?

The first step is to stop hiding in your huts cowering from the night. If your computer is making you change your behavior, there’s a problem. Maybe it’s broken, maybe the app is poorly written, or maybe there’s a monster in there. The thing is, if you let your computer control you, you’ll never know if there’s a monster in the lake or if it’s just a floating log.

The second step, and one that would help us all a lot, is to start locking the lakes. Simply put, if you live in a world with monsters (as we do), it’s kind of stupid to invite them in. If you’re not running an antimalware system of some sort, you’re leaving your system open to be colonized by monsters. Similarly, if you visit other lakes that are likely to be infested with monsters, they just might follow you home. Practically, this means avoiding porn and gambling sites.

Lastly, if you think there may be a monster lurking around, you might want to consider calling in an expert monster hunter. We may not be as cool as the people in the movies, but we’ve got a fighting chance at getting rid of them. And after all, it’s better than being eaten in the night.