Most people know basic information about anti-virus software and that it is crucial for cybersecurity. However, it’s often mistakenly believed that anti-virus software is the only cybersecurity defense component required to protect your computer system.
Anti-virus does play a very important role within a multi-layered cybersecurity strategy. However, we are providing this overview to underscore and verify that this component is merely one part of protecting your computer environment.
From a 50,000-foot view, anti-virus software operates in the following manner: it checks a table of known virus definitions with all the files stored on a computer system, in order to flag a potential virus. The flagging of viruses is achieved either through signature-based or heuristic-based analysis.
A file signature is a unique identifying number located in the file’s header that identifies the type of file and data contained within that file. Heuristics refers to an algorithm that is used to find previously unknown viruses (i.e. those not yet listed on the virus definition table).
There are two main anti-virus operational modes currently in use to check files on a computer system:
- Full System Scan. This mode also includes a “quick scan” or a check of files within which the file signature has changed since the previous Full System Scan, which runs on an automatic schedule or is manually enacted.
- Background Processing. This is the process that occurs (as its name indicates) and functions in the background on your computer by checking every file as it is opened. It is often referred to as “Real-Time Protection”.
There are many anti-virus options available to consumers, including both free and paid products. Virus detection rates vary among these choices and can fluctuate over time. Therefore, do not expect there to be only one solution that is consistently proven as the ultimate anti-virus product available. A consistent “Number One” has not yet materialized.
There are numerous anti-virus comparison sites searchable on the web. Also, it’s important to remember that if your anti-virus definition files are not updated regularly, or if the anti-virus function is disabled by users of your computer system, you may not be receiving the protection you assume.
Action Items:
- If you do not already use anti-virus software, research options within your price range and choose a solution that fits your needs.
- Implement the anti-virus software system on your network.
- Periodically ensure that your anti-virus software is running as intended. This means the virus definition table will be updated frequently and that it will be consistently used on all computers within your network.
HBK Risk Advisory Services can assist you with your data backup or Cybersecurity questions and needs. Please contact Bill Heaven at WHeaven@hbkcpa.com