Microsoft Security Essentials has been officially released.
This is good news for all Windows users and especially for the tech people who have gotten used to wrestling with third-party security solutions. If a friend calls me and says there is something wrong with his/her laptop, the first thing I presume is that security tools are causing trouble. The usual fix has been to uninstall some old brand-name security solution and replace it with Windows Firewall, Windows Defender and the free and fast Avira Antivir. From now on, I'd use Microsoft Security Essentials instead.
I haven't used an antivirus on my main laptop since I upgraded to 64-bit Vista. But I do use antivirus on machines that I don't attend to, like my home server PC and the servers at work. The reason for not using real-time security software is performance. I need it. I'm willing to put effort into hardware upgrades like an SSD drive with a clean-installed Windows 7 to improve developer tool performance, but I'm not going to waste this investment by installing a new resource hog. Instead, I protect the machine with hygiene, by not installing anything unnecessary and keeping the updates fresh. If something goes wrong and an attacker gets through a vulnerability, I have a minimal setup backed up and recoverable fast. So far, I haven't needed it, because natural clean-ups like getting a new machine or installing a clean OS are frequent enough to keep the machine healthy. But I do run off-line security scanners like the Malicious Software Removal Tool and ClamWin once a month or so.
For basic users and risk-taking power users, real-time antivirus is good. But even then you don't want to deal with the security software industry. It is just too hard to evaluate the net value of their offerings. You cannot be rational with security software unless you have a reliable cost estimate on being unprotected, and know the costs and benefits of a particular security tool. But this kind of analysis is hard, as the results depend on the value of your time and data in addition to the technical quality of a security tool.
The reason Microsoft did not include antivirus in Windows back in the late nineties must have something to do with the antitrust regulators. Now, with the popularity of free antivirus rising, it is safer for Microsoft to launch this offering. It will probably never be a part of Windows, which is bad for the overall security climate. On the other hand, this will probably be in the best interest of the consumer by keeping some free or commercial alternatives available. Historically, competition has been about the only thing that drives software quality improvements. As a warning example, it is good to keep in mind the internet dark age, 2001-2004, when IE6 didn't have a serious competitor.
Wrapping things up, unless Security Essentials turns out to be a real turkey, I'd recommend the following policies:
- For large enterprises, it makes sense to use centrally managed antivirus. But give developers an option to uninstall it on their machines, please!
- For nontechnical home users and small business users, who don't need most of the performance most of the time, real-time antivirus like Security Essentials is good. But you need to do backups, always.
- For unattended machines, antivirus is a must, but you can have a scheduled virus scanner instead of real-time scanning. Free antivirus for Windows Servers is rare; I have used ClamWin for these. Managing ClamWin is tricky if machines can't connect to the update site, like when outbound HTTP requests are blocked by a firewall.
- For performance-intensive workstations, minimize the amount of unnecessary software, including security software. You are ultimately responsible for the security, not some black-box application.
-mika-
