Threat Protection - Antivirus for Personal Devices

Overview

When looking for antivirus options, in the past there were many different options at different price points with varying degrees of success. Nowadays, operating systems come with security features available as a core feature.

Antivirus vs. Anti-malware

According to America's Cyber Defence Agency, "when used together, antivirus and anti-malware software protect your device against traditional and emerging malware threats. You should ensure your device is benefiting from both."

• Antivirus software blocks or removes traditional forms of malware when it detects suspicious activity based on patterns associated with known threats.
• Anti-malware software uses techniques to detect and remove new and more sophisticated malware strains.

Built-In Security

Consider regular updates for your operating system and applications as your primary defense. Despite having a fully patched system, new attacks or malware exploiting undiscovered vulnerabilities may still occur. Operating systems like Windows, macOS and Linux offer built-in antivirus and anti-malware tools, simplifying the process of selecting a third-party solution. Keep in mind that no antivirus or anti-malware software can ensure complete protection against all threats.

• For Windows, Virus and Threat Protection (also called Defender) is one of the best options available, and is built right in. It updates automatically with Windows Update, and you can schedule it to run automatically. It will also let you know if it hasn't been run in a while.

• For Mac, Apple Platform Security is built in to newer systems and provides protection from the hardware level and up. Apple devices, by design, are closed off by default to software that could be potentially malicious - always remember to install apps from the App Store. If an app is required to be installed outside of the store, be sure it's from a trusted source.

• Linux, by design, implements robust security features such as file permissions, user privilege separation, and a strict privilege model, reducing the likelihood of malware execution and propagation. Additionally, its open-source nature allows for rapid detection and patching of vulnerabilities by the community, minimizing the need for traditional antivirus software.

For more information about University-owned devices, answers to frequently asked questions, guidance for IT support staff in departments, and general information about University managed antivirus please visit Antivirus for University Owned Devices.

Detail

Antivirus Starts with Safe Computing Practices

No matter if you decide to use built-in options, or install additional software, the second you connect your computer to a network it can be vulnerable. The first, and best, way to keep yourself safe is to practice safe computing:

1. Use reputable software: Download applications only from trusted sources like official app stores or verified websites to reduce the risk of malware.

2. Keep software updated: Regularly update your operating system and installed software to patch security vulnerabilities that could be exploited by malware. Whenever you receive a notice that an update is available, update as soon as possible. Not updating your software is like not patching a hole in your roof, then wondering why the floor is wet when it rains.

3. Install/enable a firewall: Enable a firewall to monitor incoming and outgoing network traffic, blocking unauthorized access and potential malware communication. Keep an eye out for any messages from your firewall application about blocked traffic - it may mean there's an application trying to send/receive data or you're on a website that's trying to access things it shouldn't.

4. Use strong passwords: Create strong, unique passwords for your accounts and enable multi-factor authentication where possible to add an extra layer of security. Yes, it stinks to constantly change passwords and keep track of 100s of them, but you can use things such as a password manager like LastPass to keep track and suggest strong passwords. 

5. Be cautious with email: Avoid opening email attachments or clicking on links from unknown or suspicious senders, as they may contain malware or phishing attempts. Also be wary for anything out of the ordinary with people you do recognize - don't download weird attachments or provide information they shouldn't need - you should never provide your password to anyone for any reason.

6. Browse safely: Use secure web browsers, be cautious of unfamiliar websites, and consider using ad blockers and script blockers to minimize the risk of drive-by downloads and malicious scripts. Also pay attention for websites to ask permission for things - if you grant a website permission to send you notifications, it can later use that to display popups or other malicious ads.

7. Regular backups: Backup your important files regularly to an external drive or cloud storage to mitigate the impact of malware attacks like ransomware (malware that locks down your computer and asks you to pay to unlock it). System restore points are helpful to create occasionally as well.

8. Educate yourself: Stay informed about the latest cybersecurity threats and techniques used by attackers to better recognize and avoid potential risks. Websites such as https://www.cisa.gov/ exist with lots of good information.

Should I Install Additional Software?

While the above tips will stop a majority of malware in it's tracks, sometimes you may want an additional layer of protection. For this, you can always consult with our Help Desk for any current recommendations, but the landscape changes wildly with antivirus. What's best one day may be defunct in a week. Also applications are always being bought and sold, and sometimes unscrupulous companies can purchase a piece of software and turn it into a money sink.

The best thing to do is use a search engine to look for articles, written recently, that cover these subjects. Look for recognized publications (like Forbes) to provide information on the latest options. Again if you have any questions, or are having any issues that you believe may be a virus, you can contact the Help Desk for assistance!

Microsoft Defender and Additional Software

If you choose Windows Defender as your antivirus solution, it may activate automatically on your personal Windows device. However, sometimes when you install a different antivirus app, it may deactivate defender without you noticing. Then later if you decide to uninstall the additional software, you may be left unprotected. Take the steps to ensure Windows Defender is activated: Stay protected with Windows Security - Microsoft Support.

Antivirus Products Available for Use with Pitt VPN (GlobalProtect)

Pitt VPN checks your system’s Antivirus to ensure it is on a current version and patched within the last 7 days. If it is not a current version and updated within the last 7 days, you will receive a notice stating "Your system is either missing Antivirus or your Antivirus has not been updated within the last seven days. Please ensure antivirus is installed and up to date." You'll either want to update the software, or make sure your operating system is fully up to date.

PaloAlto, the GlobalProtect vendor, provides lists of approved Antivirus products available for use with GlobalProtect HIP profiles.

The lists don’t provide version numbers, only vendors. You'll want to use the link for your operating system, then select the tile for "Anti Malware". You can cross-reference the list with software you're looking to install.

The current lists can be found at the following links:

• Windows: https://software.opswat.com/OESIS_V4/Win/docs/support_charts/support_charts.html
• macOS: https://software.opswat.com/OESIS_V4/Mac/docs/support_charts/support_charts.html
• Linux: https://software.opswat.com/OESIS_V4/Linux/docs/support_charts/support_charts.html