Know the Risk: Digital Transformation's Impact on Your Business-Critical Applications REGISTER >
If youre reading this article, chances are you dont need to be convinced about the importance of anti-virus software. But since the Do I really need it? question does frequently come up, lets address it right off the bat.
If you dont use anti-virus software, does it mean your system will pick up an infection the moment it hits the Web? Probably not. But especially if youre on a Windows PC (well talk about Mac OS a bit later)and even if youre the conscientious type who eschews dodgy Web sites and refrains from opening unfamiliar files or e-mailsanti-virus software is still a must, because threats are not always readily apparent. Being careful certainly reduces the risk, but doesnt eliminate it.
Free vs. fee?
Were all familiar with the adage you get what you pay for, and theres often a tendency to think that a free product must be woefully inferior to one that requires you to open up your wallet. Fortunately, that need not be the case when it comes to anti-virus software. It turns out that you dont need to part with any cash to get reasonableeven goodprotection against online threats, such as viruses, worms, Trojans, or spyware. For simplicitys sake, well refer to all of this stuff as malware for the rest of the article. (For a full explanation of the differences between viruses, worms, and Trojan Horses, read this article from Internet.coms Webopedia.)
One of the more notable and recent entrants to the free anti-virus arena is Microsoft Security Essentials 1.0. Its available for any Windows system (XP through 7) that passes Windows Genuine Advantage validation (i.e. the OS isnt counterfeit or pirated); its quick and easy to install and has an extremely simple user interface. Most importantly, it does nearly as good a job of detecting, removing, and protecting against malware as many commercial products, according to the well-regarded and independent testing lab AV-Comparatives.org. (Incidentally, all of the anti-virus options we cite in this articlewhich is not a comprehensive listreceived favorable ratings from AV-Comparatives.org most recent report, which you can read here (in .pdf).)
Other good anti-virus options available gratis include AVG Free Edition 9.0 with its LinkScanner feature that checks sites you visit (or see listed in search results) against a database of those known to be unsafe; Internet Explorer 8 includes a similar feature called SmartScreen, though it doesnt check sites until you actually try to visit them. Also good and free, the recently updated avast! Free Antivirus 5.0, which claims to be the worlds most popular free anti-virus tool. The latest version boasts a much-improved UI (which wasnt a big strength of its predecessor), more judicious use of system CPU/ RAM, and speedier scans.
When considering any free anti-virus program, keep the following caveats in mind. First, theyre usually entry-level versions of a companys commercial products. As a result, when downloading a free version you should expect to endure a bit of a sales pitch for the paid version, and possibly periodic admonitions to upgrade after you have it installed. Also, free anti-virus software often carries significant license restrictionsoften its only provided for home or non-commercial use, which precludes you from installing it on any work or business-related computer. AVG Frees license agreement further restricts use to a single PC, for example, and even though its free, you must register avast! Free to keep using it beyond 30 days.
Cloudy with a chance of malware
Panda Securitys Panda Cloud Antivirus Free Edition 1.0 represents a relatively new approach to anti-virus protection. Conventional anti-virus tools identify malware predominantly by consulting a vast database of signatures that must be downloaded to a PC and regularly updated there. By contrast, Pandas cloud-based anti-virus takes advantage of information continually gathered from a large network of connected users, which can translate into timely identification of and protection against both existing and emerging threats despite the lack of a locally stored malware database. The catch is that no connection means no protection, though for the duration your Internet link is down, your risk of infection is pretty negligible anyway.
When and why to pay
So given the relatively high quality and availability of free anti-virus software, is paying for it automatically a waste of money? Not necessarilyit all depends on your personal needs or preferences.
For example, many commercial anti-virus products, including security industry mainstays McAfee VirusScan Plus and Symantecs Norton AntiVirus 2010 offer advanced forms of threat detection, such as heuristic analysis, which looks for specific behaviors that might better detect an unknown virusor a new version of an existing one (this can come in handy if you frequently troll the dark corners of the Web).
Commercial anti-virus programs also typically provide supplemental protection features not available in free versions. Case in point: opting for avast! Pro Antivirus over the free version gives you the ability to visit questionable Web sites or run unknown programs in an isolated sandbox where they cant damage your system. Similarly, Kapersky Anti-Virus 2010 (which isnt available in a free version) includes a virtual keyboard that lets you enter sensitive info including passwords or PINs without fear of interception by a keylogger.
Most commercial vendors offer comprehensive security suites with additional features beyond anti-virus that are security-oriented, but not strictly malware-focused, that you may or may not find useful-- such as spam filtering or parental controls. Then theres the issue of support--for free software, its generally limited to community-driven message boards, but if youre a paying customer, support via e-mail, chat, and/or phone are often available.
If you do decide to shell out for anti-virus software, take vendor claims with a generous helping of salt. Security software is big business, and companies spew forth lots of marketing bluster to convince you that their products are sui generis when it comes to effectiveness, ease of use, and so forth. Before plunking down your hard-earned cash, check for the availability of a 30-day trial version (most vendors offer one), so youre not locked in if, say, you find the softwares interface incomprehensible or that it bogs down your computers performance.
When you do pull the trigger to purchase, be mindful of what youre buying. Some vendors automatically allow you to install the software on three PCs, others just one, with additional available licenses at extra cost. Also, many vendors automatically tack on up to $7 for extended download service in case you need to grab it again in six months. Our advice: skip this gratuitous charge and make a backup of the download yourself.
What about Macs and Linux?
Theres a common notion that Mac OS is an inherently more secure operating system than Windows, and thus, less susceptible to malware. Its true that malware is less prevalent on Macs, but what makes it so is the relatively small market share (about 5% according to the latest data from Net Applications). This translates into far less incentive for malware creators to find and exploit security holes, and limited potential for nasty stuff to propagate if they do.
That said, Mac-based malware does exist, as do tools that provide protection from it. ClamXav is free and open-source antivirus software for OS X 10.3 and above, PC Tools iAntivirus is a free/pay offering, and many of the aforementioned commercial Windows anti-virus vendors offer Mac versions too.
As for Linux, the same general rule appliessafer than Windows, but not categorically safe. AVG offers a free Linux version and ClamAV is available for, and sometimes included with, many Linux distros.
Regardless of what kind of anti-virus software you choose or whether you paid for it or not, its important to note that none of it is guaranteed to be 100% percent effective. Nevertheless, stick to a single anti-virus programusing more than one doesnt augment protection, it just causes big headaches due to conflicts.
Also, be on the lookout for rogue security software, also known as scareware, which uses official-looking pop-up warnings about non-existent infections and offers to remove them if you install their handy software. Bottom line: dont touch these unsolicited offers with a ten-foot pole.
To maximize your protection, its important to not only keep current with all operating system security updates, but those for third-party applications, as wellespecially ones like Adobe Acrobat and Flash, or Suns Java, where vulnerabilities are regularly discovered and patched. One way to make the latter task easier is to use Secunia Online/Personal Software Inspector to scan your system (either via browser or a downloadable appboth free) for insecure versions of software.
So lets recap. Always run anti-virus software, dont discount the efficacy of free tools, and if you decide to buy, do it because you want or need the extra features (and take it around the block first).
Joseph Moran is a veteran technology journalist and frequent contributor to many Internet.com sites. He does his safest computing from his office in Florida.