In a perfect world, antivirus software would not be needed as cyber criminals would not exist and software would not contain any flaws. But this isn't a perfect world and we all need to protect our information and identities when we are online. It was created to detect and remove 'computer viruses' that stopped computers from working, destroyed data or passed on what you had typed - e.g. banking login details - to criminals. Over time, the number and types of malicious software, or malware, has grown - the most recent being ransomware that encrypts your files - and criminals have more methods to try and get this onto your computer. These include sending emails with infected attachments, asking you to click links in emails that take you to infected websites and by writing apps for mobile devices that steal all the information it holds. Although most malware is written to target computers running MS Windows, malware also exists for Android and Apple devices.
How does antivirus software work?
By checking the files you are trying to install or download. It has a database of virus definitions and looks for matches in the database. If it finds a match, then the file is marked as suspicious and is blocked.
That method only works for viruses in the database. Criminals are always launching new variations, and it can take a few days to make its way into the virus database. Checks can be done by the software to look for signs that are similar to other types of malware. If it looks suspicious, then it is blocked.
How good is free antivirus software?
Bodies such as Virus Bulletin, Simon Edwards Labs, AV-Test Institute, MRG-Effitas and AV-Comparatives run regular tests of antivirus software. Some free software performs very well and should not be discounted. I have seen IT vendors state that free software will always invalidate your insurance. I do not believe this is true; it certainly isn't part of the requirements of the cyber security policies I have reviewed...but I have not read them all. And the UK Government's Cyber Essentials scheme says you must have antivirus software; it doesn't specify what type.
What paid for antivirus software gives you are additional ways to secure your devices (including mobiles), check if websites are secure, automatically scan USB devices when they are connected, manage the installation of security patches, and security tools such as firewalls.
How effective is antivirus software?
Antivirus software providers typically claim their product can detect at least 95% of malware. On the other hand, some people claim antivirus software is ineffective due to the number of new malware variations being launched. The answer is 'it depends'.
If you are a typical SME - one that isn't involved in Ministry of Defence work or dealing with the Intellectual Property of large corporations - you are likely to be targeted by criminals using malware that is already in a virus database or can be detected using the second method mentioned above. Antivirus software is going to detect over 85% of malware. If you are the other type of SME, detection rates are probably going to be about 60% of malware.
In either case, antivirus software is going to provide protection and should be used alongside other measures such as firewalls and training people on what to look out for.
- Antivirus software is going to make you more secure, on Windows, Android and a Mac
- Free software should not be discounted, but paid for software will provide more ways to keep you secure
- Use antivirus software alongside other security measures such as firewalls and training people on what to look out for