Hidden costs of malware

By apexwm, 20 December, 2010 20:59

Often in the business world we need to look at the total cost of ownership for Information Technology. While this is very important for running an efficient business, one thing that is hard to gauge is the hidden costs, which are not as easy to detect and notice.

Recently it seems that viruses and malware for Windows have ramped up ahead of the fast-approaching holiday season. I've recently seen huge amounts of resources, including time, money, and just plain manpower, thrown at fighting off malware of all sorts on Windows systems. This is exhausting resources that are already busy at this time of year.

The first reaction to malware outbreaks is "make sure your antivirus software is up to date". While this is a great theory for fighting off malware, in reality this doesn't always work. Quite a few times recently, I've been seeing more and more malware get through undetected. Some products catch some, but I haven't seen a product that catches everything in one shot. On servers and gateways, it is common to run multiple antivirus engines just for this reason. But on the desktop, you usually want to keep resource usage of antivirus software to a minimum.

These types of hidden costs can go unnoticed for quite some time. This can secretly drain a company and keep it from doing normal business. What can you do?

Evaluate the antivirus products out there, and check reviews that are not sponsored by the company that writes the software. I also like to check forums to see what types of issues people post and whether they are resolved. I've found that some big names in the antivirus software world don't always write the best products; in fact, the opposite can happen when their companies are so large that their products are of poor quality and simply don't work. Symantec is one that was once the top name in quality antivirus software and has slid downhill.

Try to capture an infected PC, disconnect it from the network, and put the antivirus software to the test. If the antivirus software claims to work, let's see it work.

Explore other possibilities as well that are outside of the box. For instance, migrating to another operating system like Mac OS X and Linux for some applications. This can greatly save time, money, and headaches if a successful migration can happen. Completely eliminating the bait of the Windows operating system for malware essentially stops the malware problem at its roots.

All in all, investing a little upfront testing and time can save you much more time and resources down the road.

 

Talkback

AV can only ever play 'catch-up'. Until now serious vulnerabilities and attacks have tended to be identified and tackled by academics before the criminals could make much use of them (cretins who use Windows without AV are of course out of scope here).
Problem is that the number and sophistication of criminal gangs is increasing dramatically; sooner or later, criminals exploiting vulnerabilities big time before the academics get to plug them will become the norm.

An awful lot of criminals test their attacks against www.microsoft.com. That website gets hit by a malicious attack attempt 7,000 to 9,000 times per SECOND! I guess it's nice of the criminals to announce their activities to their intended victim, but the sheer scale is hair-raising.
AndyPagin 21 December, 2010 13:03


Need to offset the costs of migration to, training for and support of a second operating system. All those are expensive. That's why so few enterprises run anything else other than Windows.
manek 21 December, 2010 16:18


AndyPagin: That's definitely true. And personally I haven't seen a whole lot of success for products that claim that they have "heuristics" to try for zero day protection. That's why I mentioned the attempt to stop this at the roots, or at the operating system layer.

manek: I agree; however, my point was that the options should be evaluated. I am willing to bet that a majority of companies have not weighed the options, and continue to proceed with "business as usual" because it's easy. While this may keep things moving forward today, when looking ahead 3 or 5 years, the picture can be drastically different depending on which path is taken today. Case in point is Google, which decided to dump Windows internally. There had to be a list of very good reasons to do this in their opinion (other than political).
apexwm 22 December, 2010 18:02