• Skip to primary navigation
  • Skip to main content
  • Skip to primary sidebar
  • Skip to footer
  • Student360
  • About
    • Secure360
    • UMSA
  • Secure360 2022
  • For Sponsors
  • For Speakers
  • Get Involved
  • Blog
  • Nav Social Menu

    • Facebook
    • LinkedIn
    • Twitter
    • Vimeo

Secure360

Recent Antivirus Hacks Reveal Hard Truths about the Fundamentals of Data Protection

August 12, 2014 by Anne Matthews

data-protection_1_0In May 2014, users of the Avast community-support forum received a surprise. The forum was offline after being hacked. Their user nicknames, email addresses and passwords were compromised.

The antivirus firm Avast protects more than 200 million people, mobile devices and computers with security applications. Its CEO Vince Steckler went to the company’s blog to address the users concerns. He quelled fears by telling users that only the community support forum was breached, less than 0.2 percent of the business’ 200 million users were affected and the attack didn’t jeopardize payment, license or financial systems or other data.

Avast is not the first antivirus company to face security concerns. Symantec revealed in 2012 that hackers breached its servers and took off with some of its source code.

“We encourage customers to be very aggressive in deploying solutions that offer a combined approach to security,” Symantec said on its blog when responding to a New York Times cyber-attack. “Anti-virus software alone is not enough.”

Sadly, antivirus software seems to have become the default security mechanism used to protect against IT threats for most users today. This is a problem because antivirus can gives users a false sense of security, which can breed hubris for the most dangerous threats that threaten their private or critical data.

As we’ve seen, even antivirus providers can become susceptible to hackers and malicious attacks. Yet, users often believe they don’t need to back up their data because their computers are protected with a “magic impenetrable shield” that protects them from all outside threats. This is equivalent to the belief that wearing a seatbelt gives you the luxury of driving recklessly.

Antivirus software is only effective against malware and viruses that have been identified and blocked in the past. They are completely powerless against unknown IT threats of the future.

Antivirus is also incapable of protecting users from IT threats that exist outside of the software’s scope. For example, if someone breaks into your house and steals your computer and unencrypted external drives, your antivirus software can’t do much to protect you.

Ultimately, all computer security comes back to the fundamentals. Yes, it’s good to have an antivirus on your computer as an added form of protection. But this should never be seen as a replacement for a proper, secure, automated and redundant off-site backup plan.

No matter how good these services get, antivirus will never replace backup. Even antivirus providers recognize and acknowledge this fact. That’s why many antivirus companies include some form of basic backup service as an additional precaution.

  • It’s important to make sure that your backup plan – however you choose to implement it – has the features that your business needs.  For instance:
  • All data should be encrypted locally before transfer to off-site storage.
  • You should maintain redundant copies of your off-site backups, in addition to a local copy.
  • Once sent off-site, it should be impossible to decrypt your data without your private password.
  • You should know where your data is being stored, and what precautions are in place to protect it at the remote datacenter or off-site storage facility.
  • If you outsource your backups, your provider should offer live phone support in the event of an emergency. A stressful data disaster is no time to be Googling for complicated instructions.

It’s true that a weak backup is better than no backup at all, but it’s also important to remember that having inadequate backup can be just as bad as relying exclusively on antivirus as your only method of protection.

When it comes to protecting your computer and your priceless data, the fundamentals of effective IT protection remain the same as they’ve been for decades. Antivirus is simply not (and was never intended to be) a magic pill to fix all problems.

Filed Under: Guest Posts

About Anne Matthews

Anne currently writes for Storagepipe Solutions, a company that provides world-class corporate data protection solutions including online backup and recovery, electronic archiving and business continuity.

Reader Interactions

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Primary Sidebar

Categories

  • Uncategorized
  • Guest Posts
  • Business Continuity Management
  • News and Events
  • Physical Security
  • Cybersecurity
  • Professional Development
  • Risk and Compliance

latest tweets

  1. Secure360 Conference
    Secure360 Conference: With so much fun had this year, we're eager for next year! Mark your calendars for May 9-10, 2023 back at Mystic La… https://t.co/Cbk0abnNSO
    about 22 hours ago

  2. Secure360 Conference
    Secure360 Conference: With #Sec360 2022 officially in the books, we wanted to share a little recap of the fun! https://t.co/iMPwAp1Kac … https://t.co/kk7xRUXoRo
    about 3 days ago

  3. Fusion Learning Partners
    Fusion Learning Partners: Congratulations @UMSAOrg on a successful 2022 #Secure360 event! We are honored to be part of your conference team &… https://t.co/RbT7IEG49G
    about 3 days ago

Footer

Contact

For more information about UMSA events, contact: Marie Strawser

Email List Signup

Join our email list for monthly Secure360 news and updates!




Join our tradeshow email list for updates on sponsorship opportunities and upcoming exhibitor deadlines.

Sponsored by:
© 2022 Secure360. All rights reserved.