How Safe is Your Success? Part 3 of 8

"How Safe is Your Success" is a series of eight articles. Each article addresses a different aspect of a universal problem which is of particular importance to those who do business on-line. Most Internet users are at least aware there are dangers "out there", but few appreciate the real extent of those dangers, the possible (even likely) consequences, or the best, most practical and least expensive means of countering them. This series is intended to at least provide some useful awareness of the situation.

-------------------------

Part 3 - The Anti-Virus Conundrum

One of the most common defenses I hear from clients when I tell them I have discovered that a virus is the cause of their "problem" goes like this: "But I'm using an anti-virus. I've always had one! The man in the computer shop put it on for me".

The Man In The Computer Shop, by dint of the fact he is "in computers" and speaks all that jargon stuff, is perceived as an Expert Who Can Be Trusted. I mean, do you argue with your plumber about pipe diameters and flow rates? Do you quiz your electrician about safe electrical loads? No. He is the expert and you expect him to know.

Warning: Do not carry any of the trust you may place in a qualified specialist tradesperson over to the computer industry. Look at the computer game as being more akin to the motor trades. You don't expect the car salesman to be an expert in tune-ups, or the mechanic to repair a tear in your upholstery. Each to his own.

Many computer retail sales people are quite competent when it comes to configuring a PC, but keep in mind that there is no necessity for them to be other than good salespeople. Unless you work in a company that has ready access to a professional IT support person, there is much you will have to do yourself to get your computer safe. There is also much you will have to become aware of for it to stay that way.

My favorite saying with respect to anti-virus protection is this: "An anti-virus program is only as good as the day it was made". Expected response: "Huh?", which is OK because then I get to explain.

A virus is just a computer program and, reduced to basics, a computer program is just a special type of document containing alpha-numeric characters – called “code”. The publishers of anti-virus software carefully analyze the code of a known virus program and determine a “fingerprint” or “signature” that can be said to be characteristic of that particular virus. That information is added to a database of signatures of other viruses that have also been analyzed.

The anti-virus program compares data on the computer’s hard drive (or in memory) with the information stored in its database of virus signatures. If a match is found, the likelihood of a virus is high and an alert is issued, or some other pre-programmed action takes place.

There is also a more complex detection method called heuristics which, rather than looking for specifically defined characteristics, looks for “virus-like behavior". If your anti-virus program offers a heuristics option, do make sure it is enabled. Sometimes anti-virus programs that offer heuristics don't have that option enabled by default.

Now if I tell you that new viruses are being released onto the Internet every day of the week, can you see how your anti-virus program will soon become useless against an ever-growing number of viruses for which it will have no characteristics? So my favorite saying becomes: An anti-virus program is only as good as the last time it was updated.

If you are to have any chance at all against the flood of virus-type attacks permeating the Internet, you absolutely MUST ensure that your anti-virus installation is always using an up-to-date database.

Don't let the mention of "database" deter you — that's the province of the programmer. All you need do is configure your anti-virus program to regularly contact it's developer's website and download the latest updates. Any anti-virus program worthy of your consideration will have a built-in scheduler to take care of regularly connecting to the Internet and retrieving updates. Frankly, it is just too important a task to be left to the frailties of human memory, so always use automation when it is available.

As for detection capabilities, most of the major anti-virus packages are pretty much on a par these days. For me it's the little extras that count, like ease of configuration, prompt and helpful support, etc. and of course cost. The specific brand of anti-virus software you use is up to you. My personal preference is a company I have been watching, using and recommending for a few years now: Grisoft, makers of the AVG anti-virus. You'll find them here: http://HackersNightmare.com?res=AVG

If you are a home computer user you can use this excellent anti-virus program completely free of charge. The site layout and links change from time to time, but from the link above look for a reference to "AVG Free". Note that there is also an AVG Trial, but that's a time-limited trial of the commercial software. As a home user on a single stand-alone PC you'll be very happy with AVG Free.

Finally, a word about "security suites". I know I'm inviting criticism for this stance, but I must say I'm not a fan of security suites for most home or small business installations. A suite is a software package that offers not only anti-virus but includes software components that purport to tackle other nasties such as SpyWare, adware, etc.

In my experience you do not find the best of each type of protection bundled together. Because a company may be extremely good at producing an anti-virus product does not mean they can do as good a job with an anti-adware solution. While the corporate buyers tend to turn their noses up at free software, the fact is that some of the very best-of-breed security solutions are just that - free. If the corporates with their big budgets and in-house IT support prefer to invest in complex and often costly integrated suites, that's fine. They have the resources to handle anything that happens.

But for my money there's a lot to be said for implementing a series of much smaller, less complex, often free utilities that — matched task for task — can usually out-perform the equivalent component parts of an integrated suite.

We'll be looking more specifically at adware and SpyWare threats in the next part of this series, so if you are not yet a subscriber to this newsletter join now, or risk missing some very important information.

In the interim, get yourself a good modern anti-virus scanner and, once installed, be sure to get into the configuration options and set a daily update schedule. In AVG version 7 you just launch the Test Center, click the Scheduler button, double-click the "Update plan" entry and select your preferred options. While you have the Test Center open you might as well double-click on the "Test plan" entry and set your preferred full-scan time. Mine happens in the early hours of the morning when it can't slow my work.

-------------------------