Posts

Is Antivirus Dead? Cognoscape at CompTIA’s Great Security Debate

Charles Tholen, Brian Dye, Chris Johnson, Dan Liutikas

Charles Tholen joins a panel of IT security experts to discuss antivirus software, bring-your-own-device (BYOD) and much more at CompTIA’s ChannelCon 2014 in Phoenix.

By Dan Kobialka | Talkin’ Cloud

Several IT security experts discussed antivirus software, bring-your-own-device (BYOD) and numerous solution provider concerns during “The Great Security Debate” at CompTIA‘s ChannelCon 2014 in Phoenix.

Panel members discussed a variety of IT security topics, including whether “antivirus is dead.”

Brian Dye, Symantec‘s (SYMC’s) senior vice president for information security, told The Wall Street Journal in May he believed “antivirus is dead” because it is no longer “a moneymaker in any way.”

Cognoscape CEO Charles Tholen compared antivirus solutions to “locks” because both provide security, but there are still questions about whether antivirus solutions and locks deliver sufficient protection.

“Antivirus solutions are still more like the locks on our house, but are the locks on this business really good enough?” Tholen asked attendees.

Tholen noted a risk mitigation strategy is important for businesses, yet this plan should only be one component of their overall IT strategy.

“A risk mitigation strategy around the risks of end users is not a real strategy; you have to look beyond the end users,” he said.

Bring-your-own-device (BYOD) also creates challenges for solution providers, especially since more employers are searching for ways to leverage cloud and mobile solutions.

Chris Johnson, CEO of healthcare IT provider Untangled Solutions, said mobile devices are like “panes of glass,” and businesses need to implement strategies to manage these devices.

“I look at devices like panes of glass … we just assume they will work without human interaction,” Johnson said. “For the most part, a mobile device involves turning it on and it works. That’s where the challenge is for businesses.”

BYOD may create new challenges for both solution providers and end users as well.

“There’s no question that end users have a lot of issues to deal with, [and] the question becomes what role the IT solution provider will play,” CompTIA Chief Legal Officer Dan Liutikas added.

Johnson said antivirus solutions and BYOD, however, can create opportunities, and he pointed out education is key for solution providers and end users to avoid security and compliance issues.

“Security and compliance is not a product; it’s a mix of products and services, it’s a moving target. That education point is so important,” Johnson said.

Is your Antivirus an appropriate “lock” for your business, or is it “Dead”? Click Here to request a security check by Cognoscape.

Cognoscape’s Michael St. Martin on KRLD last week “The Educated Investor”

Michael St. Martin, Cognoscape’s COO visited with Todd Volkman on Todd’s KRLD 1080AM radio show “The Educated Investor” last week to discuss how small and medium business owners and executives can leverage technology to increase revenues, productivity and cost savings. Listen “I had a blast speaking with Todd and hopefully explaining how to wade through the quickly changing and sometimes complex landscape of today’s technology” says Michael.   Topics covered include technology planning, back up and disaster recovery, hosted email, cloud computing, free or low cost web apps, and other nuggets of info for you.   Happy listening!

Network Security tools are not always enough

Network Security tools and antivirus products do not provide complete protection from the Viruses and Malware that threaten businesses on a regular basis.  Common sense and intuition can help fill the gaps where network security tools leave off.  A recent example comes from a client who correctly DID NOT open the attachment and referred the email to our team for analysis.  Working for a lawfirm, our client knew that such a notification would arrive as a certified letter instead of just an email to a distribution list.  The email came in as follows:

From: Douglas Rosenthal – Attorney [mailto:doug.rose@douglasrosenthal.com]
Sent: Monday, August 02, 2010 3:04 PM
To: Recipients
Subject: Cease and Desist

Dear Sir

It has come to our attention that your website contains a logo thatis identical/substantially similar to our copyrighted Work.
Permission was neither asked nor granted to reproduce our Work and your Work therefore constitutes infringement of our rights.
In terms of the Copyright Statutes, we are entitled to an injunction against your continued infringement, as well as to recover damages from you for the loss we have suffered as a result of your infringing conduct.

In the circumstances, we demand that you immediately:
1. remove all infringing content and notify us in writing that you have done so;
2. credit all infringing content to ourselves.
3. immediately cease the use and distribution of copyrighted material;
4. undertake in writing to desist from using any of our copyrighted Work in future without prior written authority from us.

Attached is a list of the copyrighted material in question.

We await to hear from you.

This is written without prejudice to our rights, all of which are hereby expressly reserved

The email attachment is a Microsoft Word document named 822010.doc with a size of 112,532 bytes.  Opening the document you see what looks like a PDF file named infrige_documents.pdf with the instructions “(double click to view)”.

A quick look at the properties of the embedded file (In Word 2010 – Right Click on the file/Packager Shell Object Object/Properties) shows the embedded PDF file is really an executable named  INFRIG~1.EXE with a description of “Ufouonkt Uvadb”.  The file name was even a misspelling of INFRINGE, another clue that the whole thing is bad.  Launching this file would have launched a virus that would attempt to infect the computer.  When I tested this file, only 17% of the the world’s anti-virus engines would have flagged it as bad.

With any email or pop up message we advise our clients to either call us or forward the email so we have a chance to prevent a much bigger problem.  When in doubt, DO NOT open items or click messages when you can easily pick up the phone and get the help of an IT professional.