Menu
Do Kiwi firms know antivirus is not a replacement for patch management software?

Do Kiwi firms know antivirus is not a replacement for patch management software?

“It sounds good on paper, and it works great in practice, but..."

“Defence-in-depth, sometimes called layered security, is a philosophy that embraces the concept of multiple defences against threats,” observes Emmanuel Carabott, Security Research Manager, GFI Software, questioning New Zealand businesses’ use of patch management software.

“Rather than putting all the proverbial eggs in one basket and relying upon a single security strategy, multiple and different technologies, policies and practices all work together to provide as thorough and effective protection as is possible.

“It sounds good on paper, and it works great in practice, but far too often organisations – particularly smaller ones – pass over patch management software in the false belief that their antivirus software will protect them against all information security threats.”

This is not only dangerous, Carabott claims, “but it’s completely wrong.”

So much so that while antivirus software is a critical protection, and should be installed on all systems, Carabott believes the purpose of antivirus software is to simply “protect against malware.”

Whether that is a piece of code that a user tries to download and run, or a malicious script that is hosted on a website, or a worm that tries to propagate from system to system, malware is code that has a recognisable binary pattern and acts in a recognisable way.

“It’s designed to work against code specifically written to cause harm,” she explains. “What antivirus software is not built for or capable of doing is protecting against faulty code in otherwise approved applications.

“Patches are designed to fix bad code; collectively called bugs. That code could be a mistake made by a programmer, or an incompatibility with another piece of software, or perhaps instead it is code that just is not as good as it could be.

“When that mistake can be exploited by an attacker, patching that code may be the only way to prevent the vulnerability from being exploited.”

Carabott believes antivirus software acts upon malware that is already present on the system.

How did it get there? Well, frequently that code can get there through a bug, she explains.

“The problem is that malware may do things thanks to an opening created by the bug, but won’t necessarily result in any code picked up by the antivirus software and blocked,” she explains.

“When a piece of buggy code allows an attacker remote access to your system, antivirus software will not detect or prevent that access.

“Another way of looking at this is to compare antivirus software to a security guard, and patches to good locks.

“Sure, the guard can react to the presence of a thief, but the locks could proactively keep the thief completely out of the system. If the thief gets in, how much damage could be caused before the guard finds him?”

Just as Kiwi organisations need antivirus software on all systems, Carabott says its critical to ensure that the necessary patches installed are on all the systems that require them.

“The best way to accomplish that is by using patch management software,” she adds. “Patch management software – either installed onsite or based in the cloud – provides you with a centralised application that can deploy patches to every system on the network.

“It can also assess those systems so that you know exactly what each needs. In essence, it does the heavy lifting for you, upgrades the locks and secures the latches.

“Patching is an on-going task, with both monthly releases from the major operating system vendors and unpredictable releases from software vendors as new vulnerabilities are discovered.”

Carabott says automatic updates can take care of the operating system, but only if organisations trust all those patches to work on all systems without testing.

So while antivirus software is absolutely critical and has its proper place in networks, Carabott’s overriding message is simple.

“It’s no substitute for patch management software,” she adds. “Using both will help to bolster your defences and is a good start towards that layered security approach.”


Follow Us

Join the newsletter!

Or

Sign up to gain exclusive access to email subscriptions, event invitations, competitions, giveaways, and much more.

Membership is free, and your security and privacy remain protected. View our privacy policy before signing up.

Error: Please check your email address.

Tags malwareanti-virusGFI Software

Events

Why experience is the new battleground for partners

Join us for an exclusive webinar, in association with Hewlett Packard Enterprise and Technology Services Industry Association (TSIA) and learn about the latest industry insights and how technology services continue to evolve to deliver differentiated value, and how partners can be successful in 2021 and beyond.

Featured

Slideshows

The Kiwi channel gathers for the 2020 Reseller News Women in ICT Awards

The Kiwi channel gathers for the 2020 Reseller News Women in ICT Awards

Hundreds of leaders from the New Zealand IT industry gathered at the Hilton in Auckland on 17 November to celebrate the finest female talent in the Kiwi channel and recognise the winners of the Reseller News Women in ICT Awards (WIICTA) 2020.

The Kiwi channel gathers for the 2020 Reseller News Women in ICT Awards
Leading female front runners honoured at the 2020 Reseller News Women in ICT Awards

Leading female front runners honoured at the 2020 Reseller News Women in ICT Awards

The leading female front runners of the New Zealand ICT industry joined together for the annual Reseller News Women in ICT Awards event at the Hilton in Auckland, during which hundreds of guests celebrated 13 outstanding individuals who won awards, chosen from more than 50 finalists representing over 30 organisations.

Leading female front runners honoured at the 2020 Reseller News Women in ICT Awards
Channel gathers to celebrate the Reseller News Innovation Awards 2020 winners

Channel gathers to celebrate the Reseller News Innovation Awards 2020 winners

More than 500 channel leaders gathered in Auckland on 21 October at the ​Reseller News Innovation Awards ​2020 to celebrate the achievements of the New Zealand technology industry's top partners, start-ups, vendors, distributors and individuals.

Channel gathers to celebrate the Reseller News Innovation Awards 2020 winners
Show Comments