Is it worth paying for antivirus protection?

martindow

I've got two PCs running windows 10 and I am currently paying for Avast Premium.  Am I wasting my money as opposed to a free AV program?

I have software relating to my business on both machines so need to be careful of data there - names and addresses but not credit card details - and I obviously want to be adequately protected in any case.

I am not sure what extra I am getting by paying and whether this is a necessary expense.

MattMattMattUK

martindow said:

I've got two PCs running windows 10 and I am currently paying for Avast Premium.  Am I wasting my money as opposed to a free AV program?

I have software relating to my business on both machines so need to be careful of data there - names and addresses but not credit card details - and I obviously want to be adequately protected in any case.

I am not sure what extra I am getting by paying and whether this is a necessary expense.

I am not really sure any of the paid for anti-virus software is worth it. With what is built into Windows and proper procedures in place no anti-virus software is likely to protect you should you be targeted anyway.

When you say related to your business what are you required to do for your data handling and data protection policy? What does the ICO say about the kind of data you process and the requirements to specifically protect that data (eg. all data should be secure, but some requires additional handling and security measures).

martindow

Thanks Matt.  The ICO suggest good practice such as a password to protect the PC and making sure that it is in a secure place so that clients, etc. don't have access to it.  I don't think there is any specific requirement to have paid for anti-virus software.

Would you consider that Windows Defender would do the job? 

MattMattMattUK

martindow said:

Thanks Matt.  The ICO suggest good practice such as a password to protect the PC and making sure that it is in a secure place so that clients, etc. don't have access to it.  I don't think there is any specific requirement to have paid for anti-virus software.

Would you consider that Windows Defender would do the job? 

I generally do yes, that and strong passwords, data segregation and a good dose of common sense. I also run MalwareBytes (the free version) every week. 

The reason why I ask about data is for my company, we handle personal data (names, addresses, emails and phone numbers), but nothing deemed sensitive (DOB, medical, financial etc.) but anything in the sensitive category usually needs extra security. So any device which has the data on must be both password protected and have the drive encrypted, otherwise all someone needs to do is take the drive out and plug it into something else, the same with backups. Also simple stuff like not transferring data via email without it being password protected (spreadsheets for example) and not sending the password via the same medium (eg one email with Excel file, the next with the password on).

It is also a good idea to check on here for data breaches, not from yourself, but if your details and potentially passwords have been breached on other sites.
https://haveibeenpwned.com/

I tend to think that the biggest risk these days is more that various accounts get compromised, so I always have 2FA turned on where it is available. That way even if something did compromise your local device the ability of any malicious actor to take it further would be severely limited. 

IvanOpinion

Some great advice from matt there.  The funny thing about virus detectors is that one may be considered the best and literally, a few hours later, it could be the worst - it really can depend on the time of the day.  Defender is good enough for a standalone machine (and in some recent tests came out very well against paid for products)..

As far as passwords are concerned I suggest 'long' rather than 'strong' (which means different things to different people).  Make passwords a minimum of 16 characters (our security team suggests 3 words of at least 5 characters long e.g. 'MarzipanAndrexTestament' (feel free to mix up the case and/or add numbers and/or special characters - but they aren't required and can make passwords harder to remember).

Another little tool we use extensively but I rarely see mentioned is axcrypt that allows files and folders to be encrypted.

[Deleted User]

All the above is great advice, just want to add a different angle.

They say don't mix business and pleasure ... well that probably should apply to your computers. A really good line of defence is not using the same PC for personal use as well as business, this will dramatically reduce the opportunity for picking up malware.

A business with good security measures will have almost crippling internet filters that limit what traffic can be sent / received over the internet - maybe you could dedicate one of the PC's to business only and lock down things that aren't needed?

Something not mentioned above is keeping the computer patched and up to date with all the latest security updates, including firmware which is often overlooked.

But you should also be fully prepared to deal with a situation where the anti-virus defences have failed.

A secondary line of defence is always a good backup routine. If for example you were to be hit by stubborn malware or ransomware that encrypts all your data and makes it inaccessible, then the best thing to do is swiftly wipe the machine clean, reinstall the OS and software from clean copies and restore data from a backup. Ask yourself if you could do that easily without losing any data? If not, then your backup routine is not adequate.

Good practice is to have at least 3 copies of your business data, on at least 2 different devices / media types and 1 offsite eg cloud based for maximum protection. 

Versioned backups are vital when dealing with ransomware as you may need to go back to a version of the backup prior to the ransomware attack as the most recent might be useless.

Finally a "sync" is not a backup - eg OneDrive file sync. 

IvanOpinion

Deleted_User said:

Versioned backups are vital when dealing with ransomware as you may need to go back to a version of the backup prior to the ransomware attack as the most recent might be useless.

Finally a "sync" is not a backup - eg OneDrive file sync. 

I am not sure about OneDrive but I know with pCloud (my chosen cloud backup/sync provider) they keep a history of all sync'd documents for 180 days (I think).  You can recover any version (has saved my neck a few times) or revert all files back to a point a time (e.g. after a ransomware attack).  On those grounds my main personal backup is a sync.

However I fully agree with you about backups.  I probably go overboard with a sync to pCloud, a copy to Sync.com and of course a backup to an external drive.  Apart from my photos (21GB) and a truecrypt partition of very important files (about 5GB) I really wonder how much of the 300GB I appear to have on cloud storage is actually useless crud. 

martindow

Thanks everyone for taking the time and trouble to give so many helpful comments.

I sync with Sugarsync that holds up to five previous versions and sounds similar to Ivan's pCloud so hopefully that would allow the recovery of files if there were to be a catastrophe.  I also have a hard drive back up on one computer.  They are in different locations using their own separate routers so I hope that the chance of both being corrupted is lessened, or is this naive of me?

On the business side I keep track of income and expenditure on spread sheets which I print out monthly as I've never trusted the computer more than printed paper.  Even if all of the business information was lost electronically it would be an inconvenience rather than a disaster  I hope).

You have prompted me to tighten up my passwords and I will try Malwarebytes as Matt suggested.

Thanks again for your help.

Jenni_D

How do you login to your PC? Is it linked to a Microsoft account?

I do have mine linked to my MS account and use a PIN to login day-to-day. However, based on advice here recently (might have been from @tallmansix) I've switched my MS account to no password and use an Authenticator app to approve new logins now.

Ant555

martindow said:

Thanks everyone for taking the time and trouble to give so many helpful comments.

You have prompted me to tighten up my passwords and I will try Malwarebytes as Matt suggested.

Thanks again for your help.

If you are a NatWest customer then they currently offer the Premium of MalwareBytes at no cost.

https://personal.natwest.com/personal/fraud-and-security/malwarebytes.html

hope this helps.