In this short article we look at five very important and often-misunderstood facts about Antivirus programs.
No anti-virus program is 100% effective.
As new viruses come out all the time, it can seem like the antivirus vendors are always playing catch-up. This is where antivirus programs use a number of techniques to help improve the rate of detection, including looking for specific pieces of code and also analyzing the behavior of code. These methods block over 99% of the viruses that are seen “in the wild” and offers fairly comprehensive protection. They will never be 100% effective, but they certainly block a large proportion of virus and malware programs from running on your system. Sometimes a software vendor [such as Microsoft] will release an out-of-band update if their software has a vulnerability that viruses commonly exploit. If you have subscribed to our Patch Management Program then you will receive the latest Microsoft out-of-band updates as soon as we have verified that they are applicable to your configuration.
Features vary, depending on the product
Antivirus programs come in several “flavors”. The more resource intensive it is, the slower it will make your machine, but the more you will be protected:
Non-resident Antivirus – You manually scan files. This is the least resource intensive, but also the least effective.
Resident Antivirus – Looks at all file accesses on your hard drive. Moderate resource usage and reasonable protection.
Internet Security – Looks at all traffic both inbound and outbound on your machine. Looks at all file accesses on your hard drive. Most resource intensive.
Office vs Home use
The antivirus used in a corporate office is typically more “lightweight” than the ones used in home environments and are usually a Resident Antivirus offering. It is very common for there to be other security in place on a corporate network including border inspection, group policies, and network traffic analysis which enables some of the roles of the Antivirus to be off-loaded to other devices.
Not all anti-virus programs are created equally
The heart of any antivirus is the detection engine. Antivirus vendors continuously update the definitions for the engines and will occasionally push out a new detection engine as the viruses change their behaviors beyond what the definitions can be updated to detect. Some antivirus vendors are quicker to respond than others, and some prioritize certain aspects of their programs while their competitors feel another area is more important. As antivirus programs are continuously evolving, so is their placement in the “Top 5“.
There is no substitute for “Common Sense”
Above everything else, we have to use “common sense” when dealing with our lives on the internet. Is this new SuperShinyFreeWebAppGame really what it purports to be, or is it just a trojan for malicious code? Is that piece of software or that music track you downloaded from a file-sharing network really what it claims to be, or is it malicious software in disguise? Would you know if you were infected? Some viruses sleep for a while after infection to make it difficult to track their source.