Enterprise Security Cannot Rely on Antivirus Software Alone

Sue Marquette Poremba
Slide Show

Five Questions to Ask When Choosing a Vulnerability Management System

The one message from security experts that I’ve heard repeated throughout my security writing career is that network and IT security require a layered approach. You can’t use one security technique and expect that one thing to handle all of your security.

A new study from Rapid7 reiterates the need for layered security. The survey took responses from 600 IT pros and 96 percent of them said antivirus software is enabled on employee machines. (I admit my initial reaction to that statement was only 96 percent? AV software is as basic as security comes, so shouldn’t it be 100 percent?)

Rapid7 does point out that while the high rate of AV software installation is good, it is only the first step. According to a Forrester report, AV software catches only 20 to 30 percent of malware, and the Verizon 2013 Data Breach Investigations Report found that 71 percent of all attacks and breaches last year involved compromised end-user devices. AV software will have some positive effect, but it can’t be the only security option used in the enterprise.


Yet, that AV software appears to be the highlight of this survey when it comes to actively protecting the network. Only 82 percent of respondents are sure that their employees’ computers have the latest operating system patches installed.  And another 80 percent require strong passwords and/or have passwords that need to be changed on a regular basis. While 90 percent of respondents say that they are able to block suspicious attachments, 54 percent of those surveyed do not, or do not know if they have code execution prevention controls enabled on users’ machines.

You may look at the numbers and think that most of the respondents are providing positive answers, but we know a lot more about security threats today than we did even a year or two ago. AV software is essential, but not installing patches leaves the network vulnerable to malware or a breach. So having nearly 20 percent of the surveyed IT pros who aren’t sure or know that their employees’ computers aren’t being updated is an unacceptable number. AV software won’t protect your network from an unpatched OS.

The survey didn’t focus on BYOD concerns, and that may be where the disconnect lies. But of course, that’s an issue that needs to be address with a solid BYOD security policy.

As Rapid7 says, an enterprise is only as secure as its weakest link. One unpatched computer or one unblocked email can end up doing a lot of damage to a network.



Add Comment      Leave a comment on this blog post
Aug 27, 2013 10:18 AM Maria S. Walker Maria S. Walker  says:
I totally agree with you Sue. I am using an AV software alone before. I presume that my machine would be that safe because the AV Software I am using is considered the "BEST" and the most effective one. However, I was very disappointed that my computer still got infected with a virus. And then I realize, having an AV Software alone is not really enough. Anyway, thanks for the time you spent for posting this entry. The survey give as what we need to learn as well. Reply
Oct 24, 2013 5:08 AM Pavel Novák Pavel Novák  says:
Thank you for info about Enterprise Security! Reply

Post a comment

 

 

 

 


(Maximum characters: 1200). You have 1200 characters left.

 

 

Subscribe to our Newsletters

Sign up now and get the best business technology insights direct to your inbox.


 
Resource centers

Business Intelligence

Business performance information for strategic and operational decision-making

SOA

SOA uses interoperable services grouped around business processes to ease data integration

Data Warehousing

Data warehousing helps companies make sense of their operational data