I've seen some users add a free antivirus program to their endpoint device to complement whatever existing enterprise antivirus option their employer has preinstalled on the device. Is it wise for users to add a free secondary antivirus program? What problems can this cause?
From a nontechnical person's point of view, having more than one antivirus program may seem like a good idea, as knowing that you even need one installed is a great place to start. One might also wonder why -- in an enterprise setting -- a regular user could install a new system application, as one of the key aspects of securing an endpoint is limiting the ability to make changes to the system via administrative access restrictions.
While there are some free antivirus tools that are reasonable to use, they are not needed if there is already another real-time detection antimalware tool installed. From a technical point of view, having multiple security tools could have some benefits, but having one antivirus tool that operates on request and that complements a real-time or on-access antivirus tool could be better.
However, having two antivirus tools that do the same thing could be problematic. For example, there is some concern about CPU and RAM usage when two antivirus tools are installed, but the lower-level integrations are more concerning. Typically, on-access virus scanning requires hooking into the operating system at a low level and then having the antivirus tool scan a file to see if it is malicious before any other program can access it. If there are two antivirus tools installed, then they might interfere with the process of scanning files.
Depending on the tool, the behavior of another antivirus tool could be seen as suspicious and cause the first antivirus tool to try to quarantine the second. This could then trigger the self-protection functionality built into the antivirus tool -- which is needed to protect itself from malware that might try to disable it to avoid detection -- making the system unstable.
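One way an administrator could check a Windows endpoint for the overlap described above, as an added example that is not part of the original answer: it lists the antivirus products registered with Windows Security Center and warns when more than one reports real-time protection as on. The `productState` decoding is an assumption based on the community-derived convention, since Microsoft does not document that field.

```powershell
# Added example: list antivirus products registered with Windows Security Center
# and flag the endpoint when more than one reports real-time protection as on.
# Assumption: the productState decoding below follows the community-derived
# convention; Microsoft does not document this field.

function Get-RegisteredAntivirus {
    # root/SecurityCenter2 exists on Windows client editions, not Windows Server.
    Get-CimInstance -Namespace 'root/SecurityCenter2' -ClassName 'AntiVirusProduct' -ErrorAction Stop |
        ForEach-Object {
            $state = [int]$_.productState
            # Second byte of the 24-bit value; bit 0x10 set = real-time scanning on (assumed).
            $realTimeByte = ($state -shr 8) -band 0xFF
            [pscustomobject]@{
                Name       = $_.displayName
                Executable = $_.pathToSignedReportingExe
                StateHex   = '0x{0:X6}' -f $state
                RealTimeOn = (($realTimeByte -band 0x10) -ne 0)
            }
        }
}

try {
    $products = @(Get-RegisteredAntivirus)
} catch {
    Write-Warning "Security Center query failed: $($_.Exception.Message)"
    return
}

$products | Format-Table -AutoSize

# More than one product with real-time scanning on is the conflict case:
# both are hooking file access on the same endpoint.
$active = @($products | Where-Object RealTimeOn)
if ($active.Count -gt 1) {
    Write-Warning ("{0} products report real-time protection on: {1}" -f $active.Count, ($active.Name -join ', '))
} elseif ($active.Count -eq 0) {
    Write-Warning 'No registered product reports real-time protection on.'
} else {
    Write-Output "Single real-time product: $($active[0].Name)"
}
```

An on-demand scanner that does not register with Security Center will not appear in this list, which matches the complementary setup the answer describes.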