SECURITY: Can HIPS Replace My Anti-Virus?
Recent Gauteng Business News
The answer to that question is a resounding 'NO'!
Viruses, Trojans, spyware and a host of other malicious tools are a reality in today's increasingly online world, and their numbers continue to grow as the malware itself becomes increasingly more sophisticated.
Risks of falling victim to malware include identity theft, browser hacking to redirect people to phishing sites, slowing down of Internet connections and PCs being used as servers to distribute spam and pornography, not to mention computer crashes and corruption of data and hard drives.
Malware is here to stay and it continues to evolve, so it is absolutely essential for people to adequately protect themselves at the risk of falling prey to one of these harmful tools. As part of this constant battle recently banks in South Africa have begun offering free downloads of a variety of cloud-based Host Intrusion Prevention Software (HIPS) solutions to help protect users during internet banking sessions.
While these free tools are useful for detecting intrusions during browsing and can scan systems, alerting users to any problems that may occur, they are not anti-virus solutions and should not be used on their own, as alone they are simply not sufficient protection for the large number of threats that exist today.
Users should not be lulled into a false sense of security if a HIPS product is installed, as these cloud-based applications simply act as an agent on machines, scanning files, but are not able to quarantine and removed infected files. They should be used in conjunction with existing security on the machine to provide another layer of protection against malware.
This brings up a long-standing issue within the malware protection environment, that two protection programmes or solutions cannot be used simultaneously at risk of locking the machine down. While this is true to some extent, it is not entirely accurate. A user cannot run two of the same type of solution, for example two anti-virus programmes at the same time, and most modern operating systems will not permit the installation of one solution if another is already installed. However since these free HIPS solutions being offered by the banks are not anti-virus but cloud based scanners for use during online sessions they can and should run in conjunction with anti-virus solutions to provide extra security.
To have the very best in protection from the many sophisticated malware technologies out there, a layered approach is the most desirable way to go. If layers of applications are installed to deal with the variety of threats then it provides greater protection, in the same way that many sheets of paper will prevent a pencil from pushing all the way through to the bottom. This means that if one solution does not pick up a problem it is likely to be caught by one of the other layers of protection.
While some manufacturers do provide these layers in an integrated solution there are several aspects that should be covered in order to ensure adequate threat protection. The first and most basic level off protection is anti-virus and anti-spyware, as these are still prevalent and can expose a PC to unnecessary risk.
Core protection should be able to block viruses, spyware, Trojans, worms, bots and rootkits. A two-way firewall should also be installed on the desktop to defend against hackers, and the solution should provide real-time protection with frequent updates to ensure constant protection. Advanced protection should be able to proactively warn users of potential danger on downloaded files and applications before they are run, block browser, operating system and application threats and protect against infected Web sites.
On top of this an identity protection layer should be implemented to block hackers, block phishing websites and guard against keystroke loggers. Networking protection is the next layer in protecting computers, as this can be used to secure home networks and should automatically protect laptops and notebooks when connecting to public wireless networks. Backup and restore forms another important layer of protection, to secure files and folders and enable damaged or deleted files to be restored in the event of something happening.
Protecting computers today is a complex process that requires sophisticated solutions to match and exceed the sophistication of malware which is constantly evolving. These free scanning tools that are available free from the banking websites, while they cannot replace anti-virus and other security tools, will act as yet another layer of protection.
One word of warning however, spammers are constantly looking for new ways to direct people to harmful websites, and these bank downloads are the subject of the latest scheme in this area. If you receive an email from what appears to be your bank telling you to download their version of this software, do not click on the link as it will inevitably lead you to a phishing site that mirrors the banks internet banking site and may be used to steal your internet banking details. If you wish to make use of the cloud-based scanning tools on offer ensure that you only navigate there using your browser and not through a link sent to you on email or via other means.
At the end of the day, software can only do so much to protect computers, the rest needs to come from the users. So keep up to date on what is happening in the malware field, do not trust any links sent via email, be wary of anything that is free, and ensure that your computer has the latest definitions and protections to ensure you do not fall victim to malicious software and tools.
Business News Sector Tags: Security| Infotech|