Menu
Do Kiwi firms know antivirus is not a replacement for patch management software?

Do Kiwi firms know antivirus is not a replacement for patch management software?

“It sounds good on paper, and it works great in practice, but..."

“Defence-in-depth, sometimes called layered security, is a philosophy that embraces the concept of multiple defences against threats,” observes Emmanuel Carabott, Security Research Manager, GFI Software, questioning New Zealand businesses’ use of patch management software.

“Rather than putting all the proverbial eggs in one basket and relying upon a single security strategy, multiple and different technologies, policies and practices all work together to provide as thorough and effective protection as is possible.

“It sounds good on paper, and it works great in practice, but far too often organisations – particularly smaller ones – pass over patch management software in the false belief that their antivirus software will protect them against all information security threats.”

This is not only dangerous, Carabott claims, “but it’s completely wrong.”

So much so that while antivirus software is a critical protection, and should be installed on all systems, Carabott believes the purpose of antivirus software is to simply “protect against malware.”

Whether that is a piece of code that a user tries to download and run, or a malicious script that is hosted on a website, or a worm that tries to propagate from system to system, malware is code that has a recognisable binary pattern and acts in a recognisable way.

“It’s designed to work against code specifically written to cause harm,” she explains. “What antivirus software is not built for or capable of doing is protecting against faulty code in otherwise approved applications.

“Patches are designed to fix bad code; collectively called bugs. That code could be a mistake made by a programmer, or an incompatibility with another piece of software, or perhaps instead it is code that just is not as good as it could be.

“When that mistake can be exploited by an attacker, patching that code may be the only way to prevent the vulnerability from being exploited.”

Carabott believes antivirus software acts upon malware that is already present on the system.

How did it get there? Well, frequently that code can get there through a bug, she explains.

“The problem is that malware may do things thanks to an opening created by the bug, but won’t necessarily result in any code picked up by the antivirus software and blocked,” she explains.

“When a piece of buggy code allows an attacker remote access to your system, antivirus software will not detect or prevent that access.

“Another way of looking at this is to compare antivirus software to a security guard, and patches to good locks.

“Sure, the guard can react to the presence of a thief, but the locks could proactively keep the thief completely out of the system. If the thief gets in, how much damage could be caused before the guard finds him?”

Just as Kiwi organisations need antivirus software on all systems, Carabott says its critical to ensure that the necessary patches installed are on all the systems that require them.

“The best way to accomplish that is by using patch management software,” she adds. “Patch management software – either installed onsite or based in the cloud – provides you with a centralised application that can deploy patches to every system on the network.

“It can also assess those systems so that you know exactly what each needs. In essence, it does the heavy lifting for you, upgrades the locks and secures the latches.

“Patching is an on-going task, with both monthly releases from the major operating system vendors and unpredictable releases from software vendors as new vulnerabilities are discovered.”

Carabott says automatic updates can take care of the operating system, but only if organisations trust all those patches to work on all systems without testing.

So while antivirus software is absolutely critical and has its proper place in networks, Carabott’s overriding message is simple.

“It’s no substitute for patch management software,” she adds. “Using both will help to bolster your defences and is a good start towards that layered security approach.”

Follow Us

Join the New Zealand Reseller News newsletter!

Error: Please check your email address.

Tags anti-virussecurityGFI Softwaremalware

Slideshows

Top 50 defining moments of the New Zealand channel in 2016

Top 50 defining moments of the New Zealand channel in 2016

Reseller News looks back on a tumultuous 12 months for the New Zealand channel, assessing the fallout from a year of sizeable industry change. Whether it be local or global mergers and acquisitions, distribution deals or job changes, the channel that started the year differs somewhat to the one set to finish it - Reseller News assesses the key moments that made 2016.​

Top 50 defining moments of the New Zealand channel in 2016
​Hewlett Packard Enterprise honours high achieving NZ channel

​Hewlett Packard Enterprise honours high achieving NZ channel

Hewlett Packard Enterprise honoured its top performing Kiwi partners at the second running of its HPE Partner Awards in New Zealand, held at a glitzy ceremony in Auckland. Recognising excellence across eight categories - from distributors to resellers - the tech giant celebrated its first year as a standalone company, following its official split from HP in 2015.

​Hewlett Packard Enterprise honours high achieving NZ channel
Nutanix treats channel partners to Christmas cruise

Nutanix treats channel partners to Christmas cruise

Nutanix recently took to the seas for a Christmas Cruise around Sydney Harbour with its Australia and New Zealand staff, customers and partners to celebrate a stellar year for the vendor. With the sun out, they were all smiles and mingled over drinks and food.

Nutanix treats channel partners to Christmas cruise
Show Comments