Is Antivirus Technology a Crock?
Antivirus (AV) technology fails to prevent computers from getting infected with viruses, and this failure contributes to many other security woes that plague the world's computers. Because viruses spread, hackers find it easier to compromise computers, identity theft is better enabled, and computer fraud is easier to perpetrate. Virus-infected computers become a resource for hackers to exploit. Some hackers assemble and control networks of thousands of such computers and use them to distribute huge volumes of spam, mount sophisticated phishing attacks, and launch targeted "denial of service" attacks on companies.
The level of virus infection is high. It's not an epidemic; it's a pandemic. How bad is it? That depends on how you look at it.
For the home computer user and the small-business user, infection is chronic. In June 2007, Microsoft revealed the results of a 15-month test of its Malicious Software Removal Tool on home and small-business PCs. The utility had been used to scan and clean 5.7 million PCs, and it found backdoor Trojans (programs that let hackers gain entry) on about 62% of them. During the 15-month period, 20% of the PCs that were cleaned were reinfected.
Big companies aren't immune, either. The Yankee Group Security Leaders & Laggards Survey indicated that while 99% of enterprises have deployed antivirus programs, 62% got infected by viruses. The situation for large enterprises is, it seems, not much better than for other PC users. They may be better able to recover from infection, but they still get infected.
Faulty 'Burglar Alarms'
So why is it that AV technology does such an inept job? Consider the following information, published last year by AusCERT, Australia's Computer Emergency Response Team.
The most popular AV products fail to prevent 80% of new viruses. AusCERT declined to name the AV companies publicly, but in case you didn't know, the leading AV vendors are Symantec, McAfee, and Trend Micro, in that order.
Mind you, it isn't necessarily the case that these products are technically inferior to other AV products. It's just that most virus writers test their viruses against the popular AV products before unleashing them on the world. Moreover, in most cases the virus is "in the wild" infecting machines before new signatures to detect it are created and distributed.
Because of this, AV technology is doomed to be ineffective, and it is hard to see how it's ever going to be effective. The AV vendors have built "burglar alarms" that alert you only if a known burglar tries to enter your house. Any burglar they don't recognize gets in unopposed.
The practical solution is to have a "burglar alarm" that sounds when anyone you don't know tries to enter the house. Seems simple, doesn't it? But security products that work in this way have only recently been introduced.
Instead of focusing on identifying malware, these products manage a so-called white list of the valid programs and prevent other programs from running, or, if necessary, run unrecognized programs in quarantine until their nature becomes clear.
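As an added illustration (not code from the original article or from any vendor it names), the following Python model contrasts the two policies described above: a signature database that only blocks programs it already recognizes, and a white list that allows only approved programs and quarantines everything else. It identifies programs by SHA-256 hash and uses constructed byte strings in place of real executables; both are simplifying assumptions, since shipping products also rely on publisher signatures and paths.

```python
import hashlib
from enum import Enum


class Verdict(Enum):
    ALLOW = "allow"
    BLOCK = "block"
    QUARANTINE = "quarantine"


def sha256_hex(data: bytes) -> str:
    """In this model a program's identity is its SHA-256 digest (assumption)."""
    return hashlib.sha256(data).hexdigest()


# Constructed stand-ins for executables: labelled bytes, not real programs.
SAMPLES = {
    "editor": b"MZ|good|editor 1.0",
    "browser": b"MZ|good|browser 2.3",
    "worm_known": b"MZ|bad|worm A",               # vendor already has a signature
    "worm_repacked": b"MZ|bad|worm A repacked",   # same worm, new hash, no signature
}

# Signature database: hashes of malware the vendor has already seen.
SIGNATURES = {sha256_hex(SAMPLES["worm_known"])}

# White list: hashes of programs the administrator has approved.
ALLOWLIST = {sha256_hex(SAMPLES["editor"]), sha256_hex(SAMPLES["browser"])}


def blocklist_decision(data: bytes, signatures: set[str]) -> Verdict:
    """Signature AV: default-allow; only a recognised 'burglar' is stopped."""
    return Verdict.BLOCK if sha256_hex(data) in signatures else Verdict.ALLOW


def allowlist_decision(data: bytes, allowed: set[str],
                       quarantine_unknown: bool = True) -> Verdict:
    """White-listing: default-deny; anything unapproved is quarantined or blocked."""
    if sha256_hex(data) in allowed:
        return Verdict.ALLOW
    return Verdict.QUARANTINE if quarantine_unknown else Verdict.BLOCK


def compare_policies(samples: dict[str, bytes]) -> dict[str, tuple[Verdict, Verdict]]:
    """Run every sample through both policies: (signature verdict, white-list verdict)."""
    return {name: (blocklist_decision(data, SIGNATURES),
                   allowlist_decision(data, ALLOWLIST))
            for name, data in samples.items()}


if __name__ == "__main__":
    for name, (sig, wl) in compare_policies(SAMPLES).items():
        print(f"{name:14s} signature-AV={sig.value:10s} white-list={wl.value}")
```

The repacked worm slips past the signature policy but never runs under the white list, which is the asymmetry the article is arguing about.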
White-listing programs and files is even more effective when combined with white-listing at the perimeter of the network. With security appliances, such as those used in our Managed Security Service, we can block all types of traffic that are not white-listed, as well as deeply inspect the traffic that is allowed. This filtering capability dramatically reduces the ability of spyware/malware to communicate to and from the outside world.
Not Solved Yet
At the moment these white-list products are focused only on the enterprise market. As the persistent failure of AV products becomes increasingly visible and as the popularity of these newer products grows, they will become available to the home user. Since home computers are often more susceptible to infection and become a breeding ground for viruses, the newer white-list products need to reach this market.
Symantec Chief Executive John Thompson declared in a speech in October that the problem of "worms and viruses is solved." It was a bewildering declaration, coming at a time when virus infection rates are as bad as they have ever been and cybercriminals are better able to exploit such infections.
But he was partly right. Only it's not Symantec that has solved the problem. Technically, the malware-blocking problem is solved, by the handful of companies that deliver a white-listing-based solution. Yet cybercrime is rampant, and it will remain so until the use of this newer wave of products and filtering solutions is widespread.