Symantec, the inventor of commercial antivirus software, has publicly disclosed that antivirus tactics have been rendered largely ineffective. The disclosure came from Brian Dye, Symantec’s senior vice president for information security, during an interview with the Wall Street Journal. Mr. Dye said that because antivirus tactics catch only about 45% of cyber attacks, he considers antivirus “dead.” Yes, that’s right, the company that invented antivirus software and still derives a big chunk of its revenues from antivirus software, has declared it all but dead.
Symantec’s assessment is consistent with, but a bit more pessimistic than other recent antivirus reports. For example, RedSocks Malware Research Labs published a report indicating that overall detection of malware and intrusion by antivirus software was very disappointing—about 70% in January 2014, less than 65% in February and less than 73% in March. At first glance, that might not sound bad, but what it really means is that users were vulnerable to hackers for more than 25% of the time in Q1 2014. The RedSocks report concluded that “relying on protection from Anti-Virus companies, no matter how established their brand, is simply not enough. Comprehensive protection requires an entirely new approach.”
So what does this means for data security? Should you give up and stop spending time and money on protecting your data? Or should you just stop using technologies for storing and using sensitive data?
Not at all, but we do need to get more serious about data security. As one individual said in the Wall Street Journal article, antivirus is “necessary but insufficient.”
Our recommendation is that you not rely solely on traditional antivirus software for data security. You should also develop and deploy proven data security practices/processes, not only to prevent data intrusion, but to take action once you detect any such intrusion. Below are some of the things you may want to consider:
• Strict password policies (enforcing automatic expiration after a certain period of time; not allow repeating passwords; requiring “strong” passwords with 8-25 characters using numbers, letters, upper case/lower case, symbols; password locks after certain unsuccessful attempts, etc.)
• Using strong digital keys instead of passwords
• Encrypting data-at-rest
• Protecting your key store
• Detailed auditing of the data flow
• Using software that monitors your systems and provides alerts for abnormal activities (multiple logins within a certain time span, etc.)
• Using the latest security algorithms (SHA-2 , AES, etc.)
If you want to learn more about how we can help to secure your data transfers, including the use of our encryption/compression software solutions, please contact our data security experts at firstname.lastname@example.org.