Several suppliers key to safer security


26 May 2005

Share on FacebookTweet about this on TwitterShare on LinkedInShare on Google+Pin on PinterestShare on RedditEmail this to someone

Share on FacebookTweet about this on TwitterShare on LinkedInShare on Google+Pin on PinterestShare on RedditEmail this to someone

Businesses have been urged not to rely on a single supplier for their antivirus requirements, as this can leave them vulnerable if this defence is breached.

Julian Rogajski, north west Europe commercial director for Sybari, said: “If you rely on a single vendor, you’re putting all your eggs in one basket. Avoid having a single point of failure – deploy antivirus at as many locations as you think you need. We believe that you must have a multi-layer protection policy.”

Speaking at a Microsoft small business security training seminar in Dublin yesterday, Rogajski warned that while buying a suite of security products from a single supplier initially looks like good value, the fact that they may use the same virus scanning engine across the entire product set could be a drawback if some malicious code was able to bypass this layer.

“What we advocate instead is using different vendors at each location on the network,” he said. “Alternatively, you go for a multi-engine solution deployed at different places. You’re getting breadth of coverage.”

He claimed that different suppliers updated their products at various speeds and each had different strengths in terms of the types of malware they are able to detect. “We wouldn’t say one engine is better than another, we’re saying that having multiple [scanning] engines is the best of all worlds.”

Rogajski emphasised that despite much attention now focused on how legislation such as Sarbanes-Oxley affects IT security, tackling viruses should remain a major consideration. He cited statistics to show that email volumes were calculated at 31 billion messages per day in 2002 and are forecast to reach 60bn by next year. He estimated that one in 50 emails carries a virus or worm, but at the height of a widespread attack, this could be down to one in 10.

He acknowledged that multi-engine virus scanners do require more server overhead in terms of processing power and memory, but he claimed that there was generally no significant performance impact on the server running such software. Sybari, which makes the Antigen antivirus product, was acquired by Microsoft earlier this year.

By Gordon Smith