Feature

The Myths of Security

Ezine

This article can also be found in the Premium Editorial Download "Information Security magazine: How security pros can benefit from information sharing."

Download it now to read this article plus other related content.

Myth #2: Antivirus doesn't work
Viruses, worms, spyware, Trojans, mobile code and all other varieties of malware are hammering businesses at alarming rates and levels of intensity. Multivector, multipayload worms obliterate disk drives, saturate network shares and covertly install rootkits on servers, costing businesses billions of dollars annually.

The stark reality is that conventional signature-based antivirus technology is largely powerless against these new forms of attack. In fact, many new worms and their variants are carefully tweaked to evade AV scanners. This has lead many to believe that signature-based AV is impotent and unnecessary.

"AV reduces risk in companies by a hundredfold or more," says Peter Tippett, CTO of managed security firm CyberTrust. In fact, he suggests that using AV has an "amplifying" effect on risk reduction. "If you do a little bit--place AV on desktops and gateways and filter for 10 or so prominent file attachments--you get a lot of benefit."

The problem with conventional AV, Tippett says, is that too many companies overly rely on it. "They try to take that thing that reduces risk by a hundredfold and make it tenfold better instead of investing in other cheap and easy security processes," such as zone segmentation, bastion hosts, default deny on border routers and disabling active scripting in Internet Explorer. Like AV, each of these techniques is effective only up to a point.

    Requires Free Membership to View

But used in concert, they reduce the risk of malware infection by orders of magnitude.

And then there's the human element, which no technology can perfectly secure. "Many worms and viruses target people, and we'll never be able to secure them," says Bruce Schneier, CTO at Counterpane Internet Security.

Schneier says that blaming AV scanners is a little like killing the messenger. "The security of our operating systems and applications sucks, [and] lousy software makes for a very permissive environment for worms and viruses."

This was first published in January 2005

There are Comments. Add yours.

 
TIP: Want to include a code block in your comment? Use <pre> or <code> tags around the desired text. Ex: <code>insert code</code>

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
Sort by: OldestNewest

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to: