I came across this article from LifeHacker :

“When it comes to keeping your Windows PC secure, all of the scare tactics and overblown virus stories out there make it hard to feel safe online. The fact of the matter is that you don’t need to pay for Windows security.”

It’s an interesting piece that suggests being careful about what you download and install is far more effective than all the anti-virus/malware tools. It’s true to say that anti-virus vendors have an interest in keeping a level of ‘fear’ to ensure they have a healthy business. However that is a bit unfair to anti-virus vendors who after all are serving a purpose.

This article is of course completely true for people who have an interest in computers and know some of a computers inner workings (like myself). Unfortunately in the real world we’re not all educated in the ways of computer security and we sometimes make mistakes. I’m a belt and braces person when it comes to computer security but I am guilty in lapses of judgement and have had the odd virus (and not every virus is from a download).

Working in a small company and looking after its security is sometimes a full time job, I make sure updates are installed as soon as possible and I ensure that every PC has a firewall and an anti-virus program. Why? Well our users do not know or want to have to be involved in some of these things, we often need to download documents from websites as research. An ‘always on’ anti-virus program scans these automatically without user intervention. People do not want their work flow interrupted, so to stop and scan each file realistically (no matter how much training you have) is not going to happen 100% of the time. Especially when there are deadlines to meet!

I like the idea of having minimal amounts of security software on my home PC, for one thing it would make it quicker, however I wouldn’t want to apply the same principles in the office!