I've seen some users add a free antivirus program to their endpoint device to compliment whatever existing enterprise...
antivirus option their employer has preinstalled on the device. Is it wise for users to add a free secondary antivirus program? What problems can this cause?
From a nontechnical person's point of view, having more than one antivirus program may seem like a good idea, as knowing that you even need one installed is a great place to start. One might also wonder why -- in an enterprise setting -- a regular user could install a new system application, as one of the key aspects of securing an endpoint is limiting the ability to make changes to the system via administrative access restrictions.
While there are some free antivirus tools that are reasonable to use, they are not needed if there is already another real-time detection antimalware tool installed. From a technical point of view, having multiple security tools could have some benefits, but having one antivirus tool that operates on request and that complements a real-time or on-access antivirus tool could be better.
However, having two antivirus tools that do the same thing could be problematic. For example, there is some concern about CPU and RAM usage when two antivirus tools are installed, but the lower level integrations are more concerning. Typically, on-access virus scanning requires hooking the operating system in at a low level and then having the antivirus tool scan a file to see if it is malicious before any other program can access it. If there are two antivirus tools installed, then they might interfere with the process of scanning files.
Depending on the tool, the behavior of another antivirus tool could be seen as suspicious and cause the first antivirus tool to try to quarantine the second. This could then trigger the self-protection functionality built into the antivirus tool -- which is needed to protect itself from malware that might try to disable it to avoid detection -- making the system unstable.
Ask the expert:
Have a question about enterprise threats? Send it via email today. (All questions are anonymous.)
Dig Deeper on Open source security tools and software
Related Q&A from Nick Lewis
Enterprises new to the cloud can write new security policies from scratch, but others with broad cloud usage may need an update. Consider these ... Continue Reading
Cloud security providers need to play catch-up with the evolving advancements in cloud technology. Find out what the top CSPs offer today and which ... Continue Reading
Cloud security certifications serve to bolster security professionals' resumes and boost value to employers. Learn about the top certifications ... Continue Reading
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.