Do I really need an antivirus software?
Personally, I truly don't see the point of having an antivirus software installed. Can somebody explain to me how, by having it install, would it reduce my chance of getting an infection??? It's not immunization, is it?
To have a good firewall, a spam filter, a email filter is way more useful than the AV.
To have a good firewall, a spam filter, a email filter is way more useful than the AV.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
YES. If your AV is working good then it will prevent MOST (read - not all) infections.
JamesTX10
JamesTX10
ASKER
Guys, not true. AV software does NOT stop infection!!!! it merely REMOVES the infection AFTER you get infected. This is a very critical point!!!!
I would disagree.
AV catches the virus once it is on you but before it is activated. Much like washing your hands helps you to not get sick. It does not prevent germs from getting on you but it kills them before they can attack you.
JamesTX10
AV catches the virus once it is on you but before it is activated. Much like washing your hands helps you to not get sick. It does not prevent germs from getting on you but it kills them before they can attack you.
JamesTX10
Sorry PaperTiger, I must disagree with you.
James is right.
J.
James is right.
J.
PaperTiger, your point is only true when you use only planned scans, not when you use active monitoring or realtime scanning (or whatever a AV vendor wants to call it).
J.
J.
PaperTiger, You may have a point. Once I was a client of S******c and used their N****n Antivirus product. Since it's not the most efficient software written (one might think about the opposite) it hogged the resources on the computer I thought was mine. About 4 years ago I finally came to my senses and switched away to a better antivirus and prevented it from running in the background.
BUT: In exchange to the CPU cycles I won I now have to be extra careful scanning stuff manually whenever there is doubt or the faintest of possibilities that smth might be infected. I also polished my backup schedule and backup retention.
Remember the "Security vs Usability" chart? The same function applies to the "Having an Antivirus Transparently Scanning All Your S**t vs Worry About the Virii" :D
BUT: In exchange to the CPU cycles I won I now have to be extra careful scanning stuff manually whenever there is doubt or the faintest of possibilities that smth might be infected. I also polished my backup schedule and backup retention.
Remember the "Security vs Usability" chart? The same function applies to the "Having an Antivirus Transparently Scanning All Your S**t vs Worry About the Virii" :D
ASKER
Even if the virus comes over the network share?
it doesn't come over the network share. I have my firewall locked down and all the other pieces of equipment in my home run some form of GNU/Linux :D
but yes, you have to be ever watchful if you intend to move from the "Having ..." end in the aforementioned chart and thus the worries. It is easy to figure out. try it for a day or two. If you find the worries troublesome, you need the antivirus to alleviate them ;) It is all about the comfort point. Alas, the comfort point often shifts with the first incident :P
but yes, you have to be ever watchful if you intend to move from the "Having ..." end in the aforementioned chart and thus the worries. It is easy to figure out. try it for a day or two. If you find the worries troublesome, you need the antivirus to alleviate them ;) It is all about the comfort point. Alas, the comfort point often shifts with the first incident :P
Antivirus software scans whatever file you are about to access to confirm it is not a known or suspected virus. It acts like a crossing guard that checks for oncoming cars before it allows you to cross the street.
Viruses appear in many different forms - word macro, boot sector, email, etc. But in each case I'm aware of, before they can run, they must be "unpacked" from a file somewhere... the antivirus software, when you ask to access ANY file, scans it to confirm it is not a virus. Then the passive scans check for viruses that may have been placed on your computer through other means.
Viruses appear in many different forms - word macro, boot sector, email, etc. But in each case I'm aware of, before they can run, they must be "unpacked" from a file somewhere... the antivirus software, when you ask to access ANY file, scans it to confirm it is not a virus. Then the passive scans check for viruses that may have been placed on your computer through other means.
Just spend a few days surfing the web without an antivirus and decide yourself if it is worth having
ASKER
I am running a company with more than 300 computers across NA. Since I took the position 4 years ago, there has never been even one incident of virus in our company.
Do you cancel your life insurance because you haven't died recently?
Lets see how fast you can lose your job - dump the antivirus software. I was part of a company of 1000 employees, 600 using PCs. We went 4 years without an outbreak... then got hit... THANKFULLY, we had McAfee and the updates came out quickly. We were cleaned and back to "normal" without a major long term outage... then we were hit again I think 2 months later. But then clean the next 5 years. And this was at a research institution/university type setting where the IT department has little control...
Yet other companies, like the one I consulted for 2 months ago and a different one 4-5 years ago were hit (both using Symantec and NOT what I recommended). One was of 25 people the other of 100 people.
for yourself, if you want to risk it at home, go ahead... but it's foolish to risk it in a business environment - especially a large business environment. "Penny wise and Pound foolish" not using AV software at all.
Yet other companies, like the one I consulted for 2 months ago and a different one 4-5 years ago were hit (both using Symantec and NOT what I recommended). One was of 25 people the other of 100 people.
for yourself, if you want to risk it at home, go ahead... but it's foolish to risk it in a business environment - especially a large business environment. "Penny wise and Pound foolish" not using AV software at all.
> Can somebody explain to me how, by having it install, would it reduce my chance of getting an infection???
No.
> It's not immunization, is it?
No.
It is detection, diagnosis, after the fact.
If you are in habit of getting strange emails from strangers that have unknown attachments that you actually want to execute on your machine with superuser privilege, then a virus scanner could be used first on the specific program that you want to run.
If you are in the habit of loaning your PC to 10 idiots a weeks then you might really want to scan the unit when you get it back.
No.
> It's not immunization, is it?
No.
It is detection, diagnosis, after the fact.
If you are in habit of getting strange emails from strangers that have unknown attachments that you actually want to execute on your machine with superuser privilege, then a virus scanner could be used first on the specific program that you want to run.
If you are in the habit of loaning your PC to 10 idiots a weeks then you might really want to scan the unit when you get it back.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Anti-virus software prevents a computer from being INFECTED by a virus. It will not prevent it from getting ON a computer. A file getting on a computer and the computer getting infected are two different things.
You can't prevent a file with a virus from getting on a computer, as it must get there before it can be scanned and taken care of.
You can't prevent a file with a virus from getting on a computer, as it must get there before it can be scanned and taken care of.
Papertiger, if you are running a business without AV, you have no business running the IT department
ASKER
Same as fire, you cut off the source. Email, webpages, floppy disks etc. The only thing that is really hard to do is USB drives.
> you have no business running the IT department
- and the like...
Sorry peeps, but part of answer is also what kind of business is being run, what software is chosen for OS - if there are desktops, are there suites, whether or not security controls are set up and used effectively, privileges permitted, etc.
If yours does not have sets of superusers running MS-Word with macros enabled, then of what concern is a word macro? If you do not run it or use it, the concern is not, and that will be very telling shortly. If you do not use IE, why care about a new virus for IE that NO A/V can defend against or even detect unless it were also author. MS was first spyware deployer, but only for MS SW.
These issues apply not to mainframes, unice, Netware, etc. Nor to WordPerfect or any ware that does not treat text files as valid executables where all users have to also be superusers, nor does it apply to proprietary wares developed in-house.
Those who dictate that corporations and space programs should be run on MS only platforms are the ones in the wrong business, for they are also the same ones who refuse to properly fund the security of their business, nor to fund staff where more are required wher MS is introduced. Checkout the approaches made by places like Houston.
And for any who missed it, MS has again moved posture from funding anti-unix movement v IBM and Novell et al, to funding Novell's Linux in effort to appease the naysayers and appear to be more open and compatible (at expense of RedHat and a few select others).
PaperTiger did not open the question declaring what platforms needed defensive strategems, it is a fallacy to always presume answer should be about a fad.
Although it is also fallacy to presume that it is impossible to defend the leakiest OS even if it is by design, the answers remain in what parts of what systems are enabled, disabled, and who gets to do what. That is what security is about, helping to form or reform such policies and actions, when underfunded.
- and the like...
Sorry peeps, but part of answer is also what kind of business is being run, what software is chosen for OS - if there are desktops, are there suites, whether or not security controls are set up and used effectively, privileges permitted, etc.
If yours does not have sets of superusers running MS-Word with macros enabled, then of what concern is a word macro? If you do not run it or use it, the concern is not, and that will be very telling shortly. If you do not use IE, why care about a new virus for IE that NO A/V can defend against or even detect unless it were also author. MS was first spyware deployer, but only for MS SW.
These issues apply not to mainframes, unice, Netware, etc. Nor to WordPerfect or any ware that does not treat text files as valid executables where all users have to also be superusers, nor does it apply to proprietary wares developed in-house.
Those who dictate that corporations and space programs should be run on MS only platforms are the ones in the wrong business, for they are also the same ones who refuse to properly fund the security of their business, nor to fund staff where more are required wher MS is introduced. Checkout the approaches made by places like Houston.
And for any who missed it, MS has again moved posture from funding anti-unix movement v IBM and Novell et al, to funding Novell's Linux in effort to appease the naysayers and appear to be more open and compatible (at expense of RedHat and a few select others).
PaperTiger did not open the question declaring what platforms needed defensive strategems, it is a fallacy to always presume answer should be about a fad.
Although it is also fallacy to presume that it is impossible to defend the leakiest OS even if it is by design, the answers remain in what parts of what systems are enabled, disabled, and who gets to do what. That is what security is about, helping to form or reform such policies and actions, when underfunded.
btw, even for MS I am pro on FDs, always make a bootable one for OS. My only surprise is they quit on sizing them up with everything else.
> The only thing that is really hard to do
It also helps to have control,, or at least a semblance of it, for the platform used, at least some effort should be made to make all similar units alike and under central control with centralized management, at least to point of supporting the support functions.
A USB port could be used to run unix to patch up a Windows platform, supposedly economically.
It also helps to have control,, or at least a semblance of it, for the platform used, at least some effort should be made to make all similar units alike and under central control with centralized management, at least to point of supporting the support functions.
A USB port could be used to run unix to patch up a Windows platform, supposedly economically.
--> Same as fire, you cut off the source. Email, webpages, floppy disks etc.
Sure and we know that there are no fires in the world.
Actually the ultimate source is electricity. Cut it off and you will not get infected.
But on the serious side, you can't cut of all sources, that is why we still have virus. You know even MS has delivered software on CD's that were infected with Virus. As long as you have to open a file, does not matter what type (word doc, pdf file jpeg), you have the possibility of getting infected with a virus.
In some cases you maybe able to cut off e-mail, Internet access, floppies, and even USB devices. However you have to get software installed and it must read data. In this day and age no e-mail and no Internet access normally means a very locked down enviroment, which probably covers less than 10% of desktop enviroments.
Sure and we know that there are no fires in the world.
Actually the ultimate source is electricity. Cut it off and you will not get infected.
But on the serious side, you can't cut of all sources, that is why we still have virus. You know even MS has delivered software on CD's that were infected with Virus. As long as you have to open a file, does not matter what type (word doc, pdf file jpeg), you have the possibility of getting infected with a virus.
In some cases you maybe able to cut off e-mail, Internet access, floppies, and even USB devices. However you have to get software installed and it must read data. In this day and age no e-mail and no Internet access normally means a very locked down enviroment, which probably covers less than 10% of desktop enviroments.
giltjr > Actually the ultimate source is electricity. Cut it off and you will not get infected.
:-))
Actually, first step is go off-net - no more surfing at work <sheesh>
Next is to not turn anything on
next
:-))
Actually, first step is go off-net - no more surfing at work <sheesh>
Next is to not turn anything on
next
ASKER
OK, I think the q is which AV do you guys recommend?
Now there's another can of worms!
A similar question was just asked - though for home use, there are few comments relating to Corporate solutions, including mine and legalsrl.
https://www.experts-exchange.com/questions/22061056/WHAT-IS-THE-BEST-ANTI-VIRUS-SOFTWARE.html#17946636
In summary:
I like McAfee Enterprise, but it DOES use more system resources than it needs. I despise Norton - virtually all the serious outbreaks I've had to work on have been running Norton or Symantec. Based on reviews, Kaspersky may offer the best product overall.
A similar question was just asked - though for home use, there are few comments relating to Corporate solutions, including mine and legalsrl.
https://www.experts-exchange.com/questions/22061056/WHAT-IS-THE-BEST-ANTI-VIRUS-SOFTWARE.html#17946636
In summary:
I like McAfee Enterprise, but it DOES use more system resources than it needs. I despise Norton - virtually all the serious outbreaks I've had to work on have been running Norton or Symantec. Based on reviews, Kaspersky may offer the best product overall.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
For AV no one has my vote. (In case you could not tell). My recommend here is typically, that you should run the one you can understand best, and thus use the best. Too many here are way too high on stuff that is too cheap. OTOH, Outside of the question, for other 'friends' here, some rough numbers on the more popular Sym*, fully bown, for about 130k users, we get about 300 a day without updates for over a month, that'd be about a 1K, or slightly under 1% recorded, which may not be so bad for small shop. Of those, maybe 1% get infected before patched properly. What is really going on I've yet to learn, some amount remains nonsensical. In other words, we probably pay more than all of you and M$ combined to ensure the better support.
All A/V has problem, any can help. No 'features' are worthwhile if not used, so my vote is that you try some of the top ones, and of what you understand, select features that will enable you to make it one of your more useful tools.
All A/V has problem, any can help. No 'features' are worthwhile if not used, so my vote is that you try some of the top ones, and of what you understand, select features that will enable you to make it one of your more useful tools.
I once had a position to recommend, came up with a top six, and of those a top three and a top one. The company went with one I had not considered: Detect Plus. Cheap and does more than everyone else, and soon everyone will want it as well. Oh. It got to fill up a lot of closets and garbage cans for the ensuing year.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Tolomir,
do try to consider the analogue with "security vs usability" chart proper for the question is of subjective character - "Do I ...?". I find the comfort point to be determinative in whether the user needs an AV product or not. Also note the noted imminent shift of the comfort point after the first and each subsequent incident.
respect.
do try to consider the analogue with "security vs usability" chart proper for the question is of subjective character - "Do I ...?". I find the comfort point to be determinative in whether the user needs an AV product or not. Also note the noted imminent shift of the comfort point after the first and each subsequent incident.
respect.
I will leave the following recommendation for this question in the Cleanup topic area:
Split: JamesTX10 {http:#17939224} & PowerIT {http:#17939285} & leew {http:#17939298} & SunBow {http:#17941292} & richrumble {http:#17950603} & mahe2000 {http:#17982985} & boksburgbishop {http:#18194781}
Any objections should be posted here in the next 4 days. After that time, the question will be closed.
Tolomir
EE Cleanup Volunteer
Split: JamesTX10 {http:#17939224} & PowerIT {http:#17939285} & leew {http:#17939298} & SunBow {http:#17941292} & richrumble {http:#17950603} & mahe2000 {http:#17982985} & boksburgbishop {http:#18194781}
Any objections should be posted here in the next 4 days. After that time, the question will be closed.
Tolomir
EE Cleanup Volunteer
I do object. I fail to see the reason why my answer to the question was excluded Yet, it was precisely directed to answer the question ("Do I really need an antivirus software?") and onto the point with proper analogue drawn from the information security subject the asker seemed to have some familiarity with.
Let us (in EE) please not get political with enforcing the "everybody must deploy AV because it is good practice" by smothering alternative views on the issue (even more when the asker seemed to have his mind already made up about it).
Let us (in EE) please not get political with enforcing the "everybody must deploy AV because it is good practice" by smothering alternative views on the issue (even more when the asker seemed to have his mind already made up about it).
Well actually I don't like these questions at all, that is these where the asker abandoned the thread.
I mine eyes one should always use an antivirus solution on windows. One cannot check each byte of an exe manually. Of cause one might not catch all hand crafted virii, but a decent heuristic but be the key. (Using nod32 on my computers)
It seems like I missed to mention you, jakopriit in the split, so
Would an Mod please add jakopriit {http:#17985328} to the split.
Thank you.
Tolomir
I mine eyes one should always use an antivirus solution on windows. One cannot check each byte of an exe manually. Of cause one might not catch all hand crafted virii, but a decent heuristic but be the key. (Using nod32 on my computers)
It seems like I missed to mention you, jakopriit in the split, so
Would an Mod please add jakopriit {http:#17985328} to the split.
Thank you.
Tolomir
ASKER
The email filtering is NOT antivirus. All it does is to drop every executable attachment.
The airbag anology is not good because airbag prevents you from getting hurt. Does AV software prevent me from being infected?