Friday, June 1, 2012

An Antivirus Program Is Simply Not Enough

Broadband internet has been in existence for more than a decade now but in the earlier years people relied mostly on dial-up connections. The 'archaic' versions of computer operating software and slow connection did not do much for and limited the online threats back then. As the accessibility to high-speed connection increased, so did the risks from viruses and spyware. The increased risks also meant greater demand for online security. These days, a person has a variety of choices in antivirus software, anywhere from free downloadable ones to top-of-the-line products. Today, having the best antivirus is a necessity for computer users.

All antivirus products pretty much work in the same way. Most programs rely on a list of known threats called virus definitions to which the signature of a suspicious file is compared before it can be repaired or removed. This is called blacklisting technology. Some antivirus software also utilizes heuristic scanning. This type of operation tries to smoke out suspicious files that have unknown but predictable signatures. However, most antivirus programs today still rely on blacklists.

With thousands of threats that spring up every minute, computer vulnerability is at an all-time high. Even the best antivirus software is only as good as the updated virus definitions. When a new threat is created, like the so called zero-day viruses, it may take days or even weeks before they can be included in the virus definitions list. Most antivirus software developers are not aware of what new zero-day virus comes out. So this new threat can sneak into a computer and cause some damage before it can even be detected, and by the time it is detected, it might be too late.

Because of the different threats to computer security, having an antivirus installed may not be the only solution. One idea that can work well with antivirus software is allowing a computer to make a whitelist, a list of 'allowable' programs that can be run. This is similar to how we block spam in our emails. Any other program that tries to run on its own will be blocked. Maintaining the integrity of the computer now relies solely on the user who has to decide whether or not to include a program into the 'allowable' list. This idea combined with the best antivirus software can work really well in giving the most optimal protection against computer and online security threats.

View the original article here

No comments:

Post a Comment