Virus protection

October 27, 2009
By Gerry

Set a wide perimeter

So there’s always a debate on which is the best anti-virus program. One day there’s a study showing one is the best and the next day that program seems to be at the bottom of the list. This one is faster, that one catches more, the other one deletes more and another has fewer false positives. Well, this is all great, but it ignores the point that anti-virus programs are not your first line of defense. In fact, they are a very poor backstop after everything else has failed.

The name of the game is keeping the bad guys from getting close enough to make your anti-virus systems kick in. How is this accomplished? The first way is user behavior. Following these rules will keep the bad guys at bay:

  • Never click on links in emails stating they are from a business you interact with, such as a bank or mail provider.
    • They will usually want you to download an update or update your customer files.
    • These links are almost never from the company they claim to be from.
  • Never download unsolicited software updates.
    • Recently there was a concerted attempt to get people to download new server settings to comply with changes made by their mail provider. Right. This email spam was sent out to millions of mail accounts to get the users to download malware. I had a customer ask if he should install the update. Needless to say, my answer was no.
    • Web sites will pop up messages that your machine has been infected. Your machine has not been infected, and if it has been, the solution is not going to come from some random web site.
  • Don’t open unexpected attachments.
    • Sending attachments is a common way to get the end user to install malware.
    • Service providers should not encourage the idea of opening attachments by sending them. Billing info, etc. should either be embedded in the email or you should be advised to go to the provider’s web site for more information.

The second way is when the bad guys have gotten a little closer. This is reflected in the setup of your machine. Users should not be administrators when on the internet. The user should only go into administrative mode when there is a specific need. Nobody likes this, and the hate that end users had for the Vista UAC reflects this. Unfortunately this is one of the strongest layers of defense and it is the one most often violated by the home user. If you are not an administrator, then even if you accidentally download something you shouldn’t, the odds are that the install of the malware will fail. When our customers allow us to set up their systems the way we would like, it is extremely rare that there are any problems. Most issues arise when a specific user is granted administrative rights and with those rights accidentally installs malware. While the end user is occasionally bothered by not being able to download and install the newest version of Flash or something like that, at least they don’t get bothered by the inconvenience of having to rebuild an entire machine.
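To check whether a machine follows the rule above, the PowerShell below reports whether the current logon is a standard user, an administrator account running with a UAC-filtered token, or a fully elevated session, and then lists who is in the local Administrators group. It is an added example, not part of the original post; it assumes Windows PowerShell 5.1 or later, and the variable names and verdict wording are illustrative.

```powershell
# Added example: report how much administrative power the current logon carries.
$adminSid = 'S-1-5-32-544'   # well-known SID of the local Administrators group

$identity  = [Security.Principal.WindowsIdentity]::GetCurrent()
$principal = [Security.Principal.WindowsPrincipal]::new($identity)

# True only when this process already holds a full (elevated) administrator token.
$elevated = $principal.IsInRole([Security.Principal.WindowsBuiltInRole]::Administrator)

# whoami /groups lists every group in the token, including Administrators when
# UAC has filtered it to deny-only, so it also catches an unelevated admin account.
$inAdminGroup = [bool](whoami /groups /fo csv /nh | Select-String -SimpleMatch $adminSid)

if ($elevated) {
    $verdict = 'ELEVATED: anything started from this session can install software.'
} elseif ($inAdminGroup) {
    $verdict = 'ADMIN ACCOUNT (UAC-filtered): one consent click grants full rights.'
} else {
    $verdict = 'STANDARD USER: installs need a separate administrator password.'
}
"{0} -> {1}" -f $identity.Name, $verdict

# List who holds local administrator rights; the accounts people browse and
# read mail with should not appear here.
try {
    Get-LocalGroupMember -SID $adminSid -ErrorAction Stop |
        Select-Object Name, ObjectClass, PrincipalSource
} catch {
    Write-Warning "Could not read the Administrators group: $($_.Exception.Message)"
}
```

Run it from the account used for everyday browsing and mail; the result the post argues for is the STANDARD USER line, with a separate account reserved for installs.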
