Antivirus Isn’t Everything

It isn’t uncommon for our Network Engineers to get calls like this: “I’m running antivirus software, so why am I still getting viruses?” These calls don’t happen all the time, but occur often enough that we thought it would be a good idea to discuss why people sometimes still get viruses even though they use antivirus software.

Good security is built around the philosophy of “defense in depth”, or to put it another way, multiple layers of protection. First, this means that antivirus software alone is not enough. A firewall (hardware or software), spam filtering, behavior profiling, application blocking, and other security methods should also be employed. There is no hard and fast method for perfect security. There are only “better” and “worse” security solutions. “Better” security solutions cover more attack vectors. We must approach security this way, because nothing is perfect. If something gets through one layer, we want another there to catch it.
 
However, there is one additional aspect that is often overlooked in all the talk of additional hardware and software security layers: operator practices. The good news is that the risk from this aspect can be greatly reduced with a few Internet safety tips that won’t cost anything except a few minutes of time to learn. So here are the Internet safety tips we recommend to help minimize infection:
  • Don’t go to sketchy websites you shouldn’t visit. You know the websites we’re talking about.
  • Don’t click on links in email unless you’re expecting a link (i.e. you’ve talked about getting a link via a phone call or previous email).
  • Don’t open attachments in email unless you were expecting an attachment (just like links).
  • Don’t download pirated software, movies, or music, since these often contain viruses.
  • Only install software from vetted sources. Don’t install unnecessary software – the more software you have on your machine, the more potential security holes you have.
  • Watch your active processes and services for things that seem out of place by monitoring the Task Manager (open with Ctrl+Shift+Esc), but don’t do this unless you know what you’re doing.
  • Don’t click on pop-ups, even to get rid of them. If your browser throws a strange prompt, kill the process from the Task Manager.
  • Keep your software updated, especially your antivirus software.
  • Make sure your software firewall is on and updated.
  • Don’t run with administrator rights. Use a user account with limited privileges for everyday usage.
  • Use common sense. If something feels strange, don’t click on it, open it, visit it, or run it.

Antivirus software is not enough. To protect your computer, multiple layers of security are needed, including operator education and vigilance.