I've seen some users add a free antivirus program to their endpoint device to compliment whatever existing enterprise...
antivirus option their employer has preinstalled on the device. Is it wise for users to add a free secondary antivirus program? What problems can this cause?
From a nontechnical person's point of view, having more than one antivirus program may seem like a good idea, as knowing that you even need one installed is a great place to start. One might also wonder why -- in an enterprise setting -- a regular user could install a new system application, as one of the key aspects of securing an endpoint is limiting the ability to make changes to the system via administrative access restrictions.
While there are some free antivirus tools that are reasonable to use, they are not needed if there is already another real-time detection antimalware tool installed. From a technical point of view, having multiple security tools could have some benefits, but having one antivirus tool that operates on request and that complements a real-time or on-access antivirus tool could be better.
However, having two antivirus tools that do the same thing could be problematic. For example, there is some concern about CPU and RAM usage when two antivirus tools are installed, but the lower level integrations are more concerning. Typically, on-access virus scanning requires hooking the operating system in at a low level and then having the antivirus tool scan a file to see if it is malicious before any other program can access it. If there are two antivirus tools installed, then they might interfere with the process of scanning files.
Depending on the tool, the behavior of another antivirus tool could be seen as suspicious and cause the first antivirus tool to try to quarantine the second. This could then trigger the self-protection functionality built into the antivirus tool -- which is needed to protect itself from malware that might try to disable it to avoid detection -- making the system unstable.
Ask the expert:
Have a question about enterprise threats? Send it via email today. (All questions are anonymous.)
Dig Deeper on Open source security tools and software
Related Q&A from Nick Lewis
A security researcher found a security flaw dubbed CVE-2018-2636 that enables the installation of malware on Oracle Micros POS systems. Learn more ... Continue Reading
The joint DHS and NIST report on botnet security offers goals and action items to counter distributed cyberthreats. Learn the report recommendations ... Continue Reading
Android malware was discovered by Kaspersky Labs and named Skygofree. This Trojan targets smartphones and tablets using spyware and gathers user ... Continue Reading
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.