You assume the antivirus software your company is shelling out big bucks for is getting the job done. But studies show that’s not always the case.
Security firm Palo Alto Networks collected data from 1,000 companies that use one of Palo Alto’s anti-virus, security products in order to figure out how to combat viruses and malware that goes undetected by traditional antivirus software.
Over the course of three months, researchers found more than 26,000 pieces of unidentifiable malware on the companies’ networks which couldn’t be blocked by conventional antivirus software. Though it did prevent some attacks, the researchers concluded that antivirus software alone should not be viewed as the end-all for data protection.
NSS Labs conducted similar tests in 2011 in order to find out how effective anti-virus security products are at detecting malware and viruses from different sources. These sources included e-mail, websites and USB flash drives.
The software tested was successful in preventing malware from getting to a user’s email inbox just 36% of the time. But when it came to users opening the malware through an email attachment, protection rates jumped to 74% – an improvement but still not perfect.
The tests also revealed other areas where antivirus programs failed to prevent many infections:
- Local file servers: Servers without security controls were often targets for malware and viruses. Antivirus programs allowed malware to be downloaded from file servers 30% of the time.
- USB flash drives: The popularity of using infected USB drives to spread viruses has grown among the hacking crowd. This is because the malware has the ability to spread the second the USB drive is plugged in.
- “Single-use” malware: This newer type of malware is written directly to a machine’s memory, where it will often go undetected.
How to stay safe from viruses
Antivirus software should absolutely be utilized by IT, but the big takeaway here is that it can’t be your only safeguard. It pays to have IT train employees on exactly what to look out for, whether it’s a bogus website or a suspicious email. It also is a good idea to have IT monitor data trends and irregularities.
A money-saving tip: Consider free antivirus software. Companies may be swayed by the premium, professional-branded software but there are actually a plethora of free alternatives. Compare the costly software you’re using now with free versions and you may just help the bottom line, too.
What are your antivirus solutions? Let us know in the comments below.
