Have you heard? Antivirus is dead. Kaput. No longer relevant in today’s computer security world, where 315,000 new malicious files are detected every day.
When Brian Dye, senior vice president of information security for Symantec — the company that invented commercial antivirus software 25 years ago — told The Wall Street Journal a couple of weeks ago that antivirus “is dead,” loyal antivirus updaters across the world rightfully asked, “What does that mean?”
Let’s start by saying that while it makes a great headline, declaring that antivirus is dead is an exaggeration. Antivirus is still an important part of your computer security equation. However, believing that it’s the only part, and that antivirus alone will protect you, is highly inaccurate.
Antivirus is a piece of software designed to prevent, detect and remove malicious viruses from a computer system or network. Most antivirus software, traditionally and today, works by blacklisting malicious code. There are millions and millions of computer viruses out in the world — some of them existing and some original — and when antivirus software finds a known piece of bad code, it flags and bans it.
A blacklist protection system is always playing catch-up — it is always inherently one step behind. Though it’s flawed, antivirus software using a blacklist model is straightforward and easy to implement, which is why it’s been our most widespread computer virus protection system for the past 25 years.
A supremely superior model of security is white-label. Say there are 500 tasks that your computer needs to perform and programs it needs to run. If you already know that these 500 things are safe, a white-label system allows these 500 things and prevents everything else.
This method is incredibly effective and safe, yet very few people use it because it requires an enormous amount of effort to set up. Since you have to tell your computer each and every program it is allowed to run, this white-label antivirus model is not practical for most people at this time.
If blacklist antivirus is too little, and white-list systems are too much, to find the “just right” solution, I suggest taking a layered approach to your computer’s security. Your system needs to include a blacklist antivirus software program in addition to internet filtering.
In this day and age, if you’re not filtering your internet connection, you’re going to be attacked and hackers are going to compromise your systems. This goes for both personal and business use.
It’s important to note that, when implemented properly, internet filtering can be aggravating at times, because by design it prevents you from going to some places on the internet. This barrier can get in your way, preventing you from doing something that you want to do. The worst thing that you can do in this instance is shut off your internet filtering. You can put all the safeguards in the world on your computer, but if you don’t actually use the tools, they’re worse than useless because they cost you money and don’t secure anything.
The last important thing to understand is that the general goal of computer viruses is to exploit some vulnerability in another piece of software on your computer, like Adobe Flash Player or Acrobat Reader. Even with antivirus software and internet filtering implemented, you need to be sure to keep your computers and all the software that runs on them up-to-date all the time.
This post originally appeared in The Tennessean.