Call it endpoint security, antivirus, or Internet security: the security software we all run on our PCs may be one of the most important, yet misunderstood areas of computing.  ESG and other research suggests that many users believe one or several of the following:

1. It’s all the same stuff.  Since all of this software protects us from the same malware, endpoint security is really a commodity, so it makes sense to pay as little as possible or rely on freeware.  Wrong!  While signatures may be similar, delivery time can vary widely.  Additionally, some vendors can detect/prevent lots of malware variants with a single signature while others need many to do so.  Finally, endpoint security is a lot more than AV signatures alone.  The best software contains heuristics, white listing, identity protection, etc.
2. Signature-based endpoint security is dead.  This theory suggest that the advent of 0-day threats and rapid malware development makes AV signatures obsolete.  This, too, is false.  At one time, AV signatures were all you needed to protect your system, but now you need defense-in-depth.  AV signatures are still a foundation of endpoint security, supported by other technology safeguards.
3. If I avoid risky sites, I don’t need endpoint security.  You certainly decrease your risk of getting mugged if you avoid certain neighborhoods, but sometimes you don’t go to crime — crime comes to you.  With the rapid growth of web threats and related drive-by malware propagation, you don’t have to seek out cybercrime for it to find you.
4. Overall security is getting better, so endpoint security software is becoming less important.  While it may be hard to imagine, consumer research indicates that there is a large, and growing, part of the population that believes this is the case.   In actuality, the opposite is true — things are getting worse.
5. I have a Mac, so I don’t need security software.  Yes, I know that those “I’m a PC” ads are funny, but they give the false impression that Macs are somehow invisible to cybercrime.  They are not.  ESG and many security researchers believe that Macs will become an increasingly attractive target for bad guys in 2010 and beyond.

A far larger percentage of our fellow citizens believe one or several of these myths, install sub-standard endpoint security, or somehow believe that they are immune to malware infections and never deploy security software.  If we are lucky, their systems are compromised, private data is stolen, and they learn their lesson.  Unfortunately, these cavalier attitudes or ignorance threaten us all by creating huge botnets poised for attack.

My advice to all PC and Mac users:  install endpoint security ASAP and Caveat Emptor.  Choose the best security software you can find and don’t squabble over 20 bucks to get a leading endpoint security solution.  Finally, stay vigilant as security software alone won’t protect you.  Educate yourself on current Internet and social engineering threats.  It’s a dangerous digital world.

Related posts:

1. It’s Time To Re-Examine Endpoint Security
2. Mac Security Threats Will Grow More Ominous in 2010
3. The Future of Endpoint Security
4. FBI Deputy Assistant Director Describes Cybercrime Sophistication
5. Expect More Data Security Focus — and Legislation — in 2010

Tags: Antivirus, cybercrime, Cybersecurity