For as long as computers have been hooked up to the world-wide web, hackers have been uploading malicious software in an effort to extort and exploit private citizens and businesses alike.
Computer viruses have long been a problem for corporate IT professionals. The need to combat malware threats has given rise to an entire antivirus industry. Antivirus programs are a staple of modern computing, but how useful are they for cloud infrastructure environments?
The Massive Malware Challenge
It’s common knowledge that new malware programs are being created on a daily basis. These threats range in complexity from simple tweaks to existing malware programs to highly complicated new programs that act as advanced persistent threats.
What most people don’t know is just how many threats are created each day. According to statistics cited by CNN Money, “More than 317 million new pieces of malware – computer viruses or other malicious software – were created last year.”
This means that more than 800,000 new threats are emerging daily. No security software can update quickly enough to guarantee day-zero protection against these threats. In fact, studies cited by PCMag.com’s Security Watch segment show that: “most of the newly-detected malware went undetected by nearly half of the antivirus vendors. After two months, one third of the antivirus scanners still failed to detect many of the malware samples.”
It takes time to analyze threats and program them into an antivirus database. In that time, how many different malware intrusion attempts would your IT infrastructure have been exposed to?
Is Antivirus Useless?
Despite the direness of the situation described above, antivirus is still far from being useless. Antivirus scanning technology is important for catching many malware programs before they can do too much damage.
Also, there are antivirus programs that use application whitelisting (AWL) rather than blacklisting to block unwanted programs from being installed on your computing hardware. This antivirus methodology blocks the execution of any program or code that isn’t on the “whitelist” (i.e. explicitly approved of by the AV program).
Whitelisting poses its own challenges, such as not allowing the installation/execution of new software that isn’t on the list, even if it is malware-free. However, it does provide better protection against brand-new malware than traditional antivirus programs that look for known threat signals.
In any event, it’s better to have some kind of protection than none at all.
Bolstering Security on the Cloud
It’s important to use other security measures to compliment your antivirus software, because AV alone isn’t enough.
For example, enforcing safe email and web use guidelines can do a lot to prevent malware from getting onto your systems in the first place.
Additionally, any IT infrastructure should have a strong perimeter firewall to block outside traffic, and strong internal firewalls to prevent internal threats from compromised or malicious user accounts from doing too much damage.
Antivirus software helps to protect your company’s cloud, but antivirus is only one layer of many that companies need to have to ensure cyber security on the cloud. Learn more about how multi-layered security protects your most sensitive data today!