Managing security: Building a defence



The threat of viruses is constantly being hyped up with increasingly hysterical claims from vendors, but the proliferation of e-mail and the Internet has definitely been a boon for rapid virus distribution.

Here we look at the issues presented by viruses, the deployment and ongoing management of antivirus tools, and the role of end-user education.

Throughout this article we use the term "virus" in a generic sense that includes worms, Trojans, and any other malicious code.

Business issues

Jakub Kaminski, antivirus research manager at Computer Associates, points out that viruses can be expensive, not just because of the intended effects of their payloads, but because of the unintentional damage they cause, as well as the need to stop systems to check (and if necessary repair) them. Such downtime can be very costly.

Glenn Miller, managing director of security software distributor Janteknology, was previously instrumental in setting up McAfee's Australian operation. "Meta Group estimates that public exposure of an IT security breach can shed, on average, 1.75 percent off a company's stock price within 48 hours, converting to hefty losses in real dollar terms," he says.

"Thus, having a solid contingency plan to shore up intrusions has become as important as having a barrier to protect against them in the first place."

Even though there are products that are able to identify virus-like behaviour, antivirus software is not sufficient as it is essentially reactive.

"Indeed, there are many more security vulnerabilities--holes--than there are viruses...multi-layered solutions are required," says Miller.

This fact is not lost on antivirus vendors who, operating in an already mature market, are increasingly moving to become broader-based players. Symantec, for example, has bought a security company and is now selling hardware firewalls.

Meanwhile, McAfee has done a deal with eEye--the company that discovered the first Microsoft hole and developed Secure IIS in response--and is offering Secure IIS as a download from its US site.

Forrester Research interviewed 50 security managers at major organisations, and just over half said a one-day outage would "have a disastrous effect". It's not simply the operational problems: "the PR damage associated with an incident would be hard to recover from," said one manager.

John Donovan, managing director of Symantec Australia and New Zealand, points out that outages are an especially serious issue for e-businesses, as they can suffer a major loss of brand equity as a result of a security-related outage.

Not only is downtime costly at an organisational level, it can mean a lot of unwanted extra work for IT staff. "It is estimated that the average server-based virus infection today requires 22 person days of recovery time," says John Biviano, ANZ country manager at Sybari Software, which develops Antigen antivirus software for Exchange and Domino.

While we generally think of viruses as having immediate and obvious effects, they can work in subtle ways that may not be apparent for some time. Brenton Foggo, senior systems specialist at Adelaide University's ITS department, warns that data corruption is an issue that sticks around for a long time after a virus outbreak.

Legal issues should also be considered. "A Trojan can allow a massive security breach and allow business information to be stolen and confidentiality to be breached, a serious concern in today's litigious environment," warns Biviano.

Quite apart from any implicit or explicit expectation of confidentiality, Joel Montgomery, product marketing manager at Trend Micro, points out that it would be "a definite breach of the amended Privacy Act" if malicious code exposed supplier or customer records. Donovan believes such issues have always been well understood in the financial sector, but the message is now spreading to other corporations and SMEs.

And there's always the potential for downstream liability. Tim Smith, national business manager, security at Dimension Data Australia, spoke of the need to show due care and diligence by installing antivirus software and keeping it up to date in order to avoid the risk of claims from organisations that received infected documents from your systems. Antivirus "is not just an IT issue, it's a business issue," he says.


Talkback 1 comments

    Anonymous -- 23/10/04

    Hello, I have a very odd request for you. My name is Jiri Kurka and I'm from the Czech Republic. You wrote in your article about a specialist named Jan Chrbolka. I'm looking for my former classmate and friend from school; he and his family emigrated from CZ. I suppose that this Jan Chrbolka is he. Do you have a contact for this man? Can you help me please?
    Thank you very much for your answer.
    Jiri Kurka, Czech Republic
