Understand  

What is antivirus software?

In order to explain antivirus software it is necessary to understand the nature of a computer virus.

A computer virus is a way of describing a computer programme that has been written specifically to cause damage to your PC. In essence, it is a piece of software that is written to cause as much havoc as possible.

A virus is designed to gain access to files or programs on your PC. The virus may enter your computer CD, DVD, USB by email or by your internet connection.

There are many types of viruses including worms, phishing, rootkits, and Trojan horses. They are collectively known as malware.

An antivirus software package is designed to prevent viruses or malware from damaging your PC. It does this by being able to recognise emails and programmes which are potentially harmful to your PC and then destroy them.

The future of antivirus

Unfortunately, because new viruses are being developed every day there will always be a need for up-to-date antivirus protection. Furthermore, these viruses are becoming increasingly complex and difficult to discover, and as a result the growth in virus attacks is set to continue.

Why antivirus

A return on investment is difficult to calculate for antivirus software because, once installed, it will not immediately decrease costs or improve efficiency.

However, it is most certain that at some point your PC or network will be harmed by a virus. This could effectively destroy valuable information and documents, stop your PC or network from working or slow down your system. It can also take a great deal of time to resolve and be extremely expensive in terms of the technical personnel required to fix the issue and the fact that people will not have access to their PCs. The key issue here is what will happen if you don’t have an antivirus system in place.

Types of viruses

Worm
A worm is a piece of malicious software that can prevent certain functions of your PC from taking place. The way that worms are designed mean that they run in the background so that you won’t realise that they are there until you cannot carry out a particular function such as opening a word-processing document.

Trojans

The description of this type of malware is based on the Greek legend of Helen of Troy. The city of Troy was destroyed by the Greeks leaving a huge wooden-horse as a gift to the Trojans in which part of the Greek army were hiding. As a result, the Greeks entered the city and were able to open the gates for the rest of the army.

A Trojan is like a virus but it fools the PC user into thinking that it is a legitimate programme. For example, it may arrive in the form of a ‘Christmas Wishes’ email, which, naturally, you believe is ok to open. But once you have opened the mail the virus activates and wreak havoc on your PC.

Adware

Adware is free software that is subsidised by displaying adverts. So rather than you having to purchase the software, it is effectively paid for by sponsors or advertisers.

Adware can do a number of things, including finding out about your online surfing and spending habits and passing that information, without your permission, to a third-party. It is claimed that this helps to channel appropriate advertisements to your PC, but you may find the windows that pop up as you use your web browser rather annoying.

Adware is sometimes bundled with other software, without the user's knowledge, or included in the fine print of an end user license agreement. Adware programs can be very difficult to remove from a user's computer.

Spyware

Spyware covertly or secretly gathers user information and activity without the user's knowledge.

It is probably more dangerous than adware because it can record your keystrokes, history, passwords, and other confidential and private information. Spyware has been sold as spouse monitors, child monitors or surveillance tools – or simply as a tool to spy on users in order to gain unauthorised access. Spyware can be used by thieves or hackers in order to gain access to personal information such as bank or credit card details.

Rootkits

Root kits are a type of malicious software that allows a person other than the user of the PC to be able to take full control of that PC.

It can be used, for example, to collect information about your PC and network and the users, or to gain access to passwords and financial details, which these days when so many people use online banking, can be extremely dangerous!

Spam

Spam is a term for sending unsolicited emails in an attempt to let people know of a particular product or service. Most spam is commercial advertising, often for prescription drugs or ‘get rich quick’ schemes.
 
Spam can be annoying because it is unsolicited and because there is so much of it. Most antivirus packages deal with spam.

The main danger with spam is that they can carry hidden files that contain a virus designed to infect an organisation’s PCs or network.

Phishing

While not strictly a virus carrying messages it is important to mention phishing. Phishing emails are fraudulent emails. For example, receiving an email from a bank or another person that may appear genuine but requests your account details and passwords. These should be ignored at all costs.

Another popular scam is an email sent asking for money in order that a significant sum of money can be deposited into a bank account. Clearly this is not genuine.

Benefits of using antivirus software

  • The key benefit to installing antivirus software is quite simply that it prevents a virus damaging your PC or network.
  • Protects your PC or network from viruses and other forms of malware.
  • Prevents downtime, i.e. valuable working time could be wasted if you can not access your PC due to a virus infection.
  • Protects valuable information on your PC.
  • Prevents other people outside of your organisation being able to access your information whether it is business or personal data.
  • Potentially prevents emails being sent by your system thereby damaging you and your organisation’s reputation. Some viruses access your email folders and send an email to all of your contacts with the virus attached.
  • Prevents the time consuming and unnecessary task of having to clean or remove the virus after the damage has been done.
  • Reduces the potential financial implications – getting the technical support required to achieve removal of the virus and to restore your lost information
  • Legal implications – in some instances it is required to demonstrate that your organisation has taken reasonable measures to protect the information you hold about your customers and the email you exchange with them.

Disadvantages and potential pitfalls

  • Some antivirus packages can slow down the speed of your PC or network.
  • Antivirus software can require a great deal of hard disk and memory.
  • Antivirus software needs to be updated regularly. It is very important that the antivirus software is updated, preferably on a daily basis, because new viruses and malware are developed and the antivirus vendors will develop counter measures to deal with them. This can be achieved by automatically connecting to your supplier’s website via the internet and downloading the necessary files. You can normally set this up to happen automatically.
  • Antivirus checks must to be run regularly. Again, ideally you should run your antivirus software daily as internet access and email can potentially cause problems.
  • Not all antivirus software is capable of being effective at dealing with viruses, spyware and adware so you may need to run two or more packages. However, be sure that you are not running two systems that conflict and prevent each other working properly.

Five steps to successfully buying an antivirus solution

Step one

  • Identify the needs of your organisation and your users. If users access the internet via a dedicated server, then only the server needs to have an antivirus package installed. You have to consider PC and laptop users with direct internet access. Although it is possible to have an antivirus on every PC, once an organisation has more than ten PC’s it becomes increasingly difficult to manage. For example, keeping a server updated is a straight forward task but to replicate this on, say 20 PCs is cumbersome as the users need to keep their PCs updated and scanned regularly.
  • Understand your requirements – this can be achieved by talking with perhaps two or three antivirus suppliers. For example if you have an email server you must make sure that this is covered too.
  • Make sure any antivirus programme you choose is listed on the ICSA Labs list (www.icsalabs.com). This proves that it has passed tests to find if it gives adequate protection.
  • Free demonstration versions are often available for 30 days. This gives you a chance to try out the software and make sure that it matches your requirements. Also, if it is difficult to use, you may wish to consider an alternative.

 Step two

  • Remember that you will usually need to subscribe or pay for updates after the first year. Find out how much an annual subscription costs, and factor that in when comparing prices. Check for any special offers that include extra annual subscription.
  • If you have laptop computers that aren’t connected to a centrally managed system because they are used by remote or mobile workers, ensure that they can still get updates from the manufacturer.
  • Make sure that your antivirus software supports the version of Exchange Server you are running and the latest Microsoft Virus Scanning technology, assuming you are using Microsoft products! Evaluate how quickly various antivirus software vendors release updates. Also verify that your antivirus software is compatible with service packs and product updates.
  • The traditional method of protecting against viruses and other malicious software is to install an antivirus program on each workstation and on servers that connect to the internet, such as email and web servers.

Step three
         

  • Identify the right supplier.
  • Use Conjungo’s ‘Find an antivirus supplier’ search facility [www.conjungo.com/understand/security/antivirus] for free.
  • Find out who has the experience of working for a company of the same size and profile as yours and how many similar installations they have made.
  • Ask for references – ensure that the company you plan to work with is capable and reliable.
  • Ask to speak with a couple of their customers in order to see what benefits they have gained.
  • Get a credit check to ensure that they are financially stable. You can get this directly from the supplier details in Conjungo.

Step four

  • Request a proposal from three or four of your preferred suppliers.

Step five

  • Select a proposal.
    • Who best demonstrates that they understand your business and your requirements?
    • Is the solution flexible and scaleable and therefore able to meet future demand? You don’t want to find out later that by investing a little more money now will save you money later.
    • Is it cost effective? Does it demonstrate clearly the functional benefits – rather than telling a list of particular features, does the proposal clearly show what the benefits are? There is no point on spending money for system with features that are of no benefit or that you will never use!
    • How much do the software (licences) cost?
    • How much will software support cost?
    • Can any savings be made by agreeing a multi-year contract for support?
    • How will your potential supplier support and maintain your system afterwards?
    • How much will this cost?
    • Have you spoken to a couple of your preferred supplier’s customers?
    • Agree on financial terms – you may be required to pay a deposit but do not pay the whole amount in advance of delivery.

Simple steps to installing antivirus software

  1. Install the software on each server or PC that has access to the internet. It may not be necessary to install the software on other PCs if they access the internet via your main server.
  1. You need to consider remote or mobile workers or workers that use laptop computers. They will need the antivirus software installed on their systems too.
  1. Once the above has been achieved, check for updates via the internet. Go to the main menu for your software and select updates. If there are any, then it will simply and automatically download on to your PC.
  1. The next step is to run the antivirus in order to make sure that there aren’t any viruses or other malware on the PCs.
  1. In most packages is it possible to set a time for your software to automatically check for updates and then check for viruses. You may wish to set this to weekends or evenings as this activity, while working in background and allowing users to continue to work, can still effect the performance of your PC or server.
  1. It is important to have a plan in place that helps your organisation to react to a virus and recover. When putting this plan together you need to ensure the following:
      • Make sure that all servers and PCs have the latest antivirus updates.
      • New viruses are constantly emerging and can spread via the internet extremely quickly so keeping your antivirus updated regularly is critical.
      • If your systems are not updated regularly, your organisation could be at risk from a virus attack.
      • Make sure that you carry out a virus scan every time you make any changes to your server or PC such as adding new software or users.
      • Provide users with instructions on what to do should there be a virus before a relevant update is available to the antivirus package.
      • This may include stopping access to the internet and ensuring that no other emails are sent internally or externally via the internet.
      • Let your suppliers and organisations that your business is in regular contact with know of the incident.
      • Notify your supplier of the antivirus of the issue and they will be able to help.
  1. Administration training – plan for half a day. You will need to choose an individual to learn how to add extra users, download updates and check for viruses.
  1. User training. This is simply to ensure that everyone is comfortable with the antivirus package and to help them set it up in order to meet their requirements.

Conclusion
It is highly recommended that all organisations install an antivirus system. Without a doubt, most organisations with internet access will be susceptible to a virus attack – this is pretty much unavoidable. There are many excellent and different packages available but do make sure that they are capable of dealing with viruses and other malware.

Antivirus - FAQ’s

What is a virus?

A virus is a piece of malicious code or a software programme that has been written with the specific intent of causing damage to a computer or a network.

How does it work in practice?

A virus can be sent via an email or a document either from a friend, colleague or via a spurious email.

The best advice about viruses is that if you don’t know who the person is that has sent you an email; do not open it or indeed any attachments or links within the email.

An antivirus package will scan all incoming and outgoing emails to make sure that they don’t contain any viruses. If they discover a virus they will delete the appropriate files before it gets to you.

Why do I need it?

Quite simply, if you don’t have an antivirus package you will (unless you are extremely lucky) at some point be affected. This can cause major issues not only on your PC but is quite easy to pass across your organisation’s network and potentially impact everybody.

Is it something that I can install myself?

Yes, very much so. It is easy if you have just one PC but if your organisation has more than one and maybe a server, then it is important to install the software on those too.

Generally speaking, you can download an antivirus package either from a vendor’s website (and the appropriate number of licences according to how many users you have), or buy the disc from a vendor’s reseller.
 
Why do I need to update my antivirus package regularly?

New viruses are being created and developed all the time and naturally the antivirus vendors are developing counter measures to deal with them. If you don’t update your package regularly, you might miss an update and as a result your antivirus package may not pick up on a particular virus. As a result, it could cause issues on your PC and network.

You can easily automate the updating process to make sure that you’ll never miss an update.

What would happen if I don’t scan my PC every week?

You may not realise that one or a number of viruses have been introduced to your PC or network unless you scan for viruses regularly.

You can easily automate the scanning process so that it runs regularly, at a convenient time.

Make sure any antivirus programme you choose is listed on the ICSA Labs list (www.icsalabs.com). Being listed here shows that the software has passed tests to make sure it gives adequate protection.

You may also find that not all antivirus packages are able to deal with all malware or spyware (link: types of viruses) and it may be necessary to have more than one package.

How do I find the right vendor or reseller?

Conjungo is a great starting point because it will let you search for a supplier according to your location, company type, size and whether they have the right accreditations. Furthermore, Conjungo is completely unbiased, lists most of the major vendors’ resellers and it is free to use.

What’s the downside of installing an antivirus package?

The most common pitfall is that an antivirus package may slow down your PC. That said - the benefits far outweigh the potential downsides.

How do I measure whether the package I’ve purchased is making me money or saving me money?

Quite simply, you can’t! You hope that you will never find out because if your network ever suffers from a virus, it can cause havoc, potentially destroying years of hard work. And cost a lot of money to put right.

 

Copyright © 2009 Lock On Productions Ltd. (All rights reserved)
Retail Knowledge Ltd, 81 Oxford Street, London, W1D 2EU | E: info@retail-knowledge.com T: 0207 903 5177
>>