The internet is a petri dish of nasty, infectious software, created by criminals hell-bent on stealing your clients’ data. Anti-virus software (AVS) can provide some protection, but there are guidelines for choosing the best AVS package.

Before making a decision, inform yourself about the features of malicious software (a.k.a. malware). Your computer can pick up viruses in various ways, such as plugging in a USB drive with an infected file. Viruses also can arrive via email with infected attachments and even via websites that infect your computer by running dangerous code in your browser software.

Many of these infections will join your computer to a “botnet” – a large collection of computers around the world, controlled by cybercrooks who can use the botnet for a variety of activities. These include sending spam and hosting illegal content on your machine.

Other malware can take things a step further. Some malware, for example, can intercept online banking sessions to steal credentials. Others, like Cryptolocker, encrypt the information on your PC, then charge a ransom that you must pay before the attacker sends you the means to decrypt your data.

For a financial advisor, any of these attacks could be devastating.

How anti-virus software protects your computer

An AVS package can help to prevent infection by malware, and typically uses two methods to do so.

First, your AVS will refer to a regularly updated list of “signatures.” These are electronic fingerprints left by known computer viruses. If your AVS finds any of these fingerprints anywhere on your computer system, your AVS will flag this potential infection.

Second, your AVS may look for suspicious activity on your system. There are some system files that no legitimate program should need to access, for example. If your AVS sees this kind of activity, it will alert you.

Consider your computer platform. Windows, the most popular desktop operating system, most definitely needs anti-virus protection, but Mac users shouldn’t be too overconfident. As the number of Mac users increases, malware-generating attackers are turning their attention to this platform.

The profile of your investment advisory office will determine whether you should opt for a simple “home user” option or a more comprehensive (and expensive) business-focused “endpoint protection” system.

Home computer protection will provide the basic service you’d expect from an AVS package, but a business version will provide extra features. These features typically will include a licence to protect a variety of endpoint devices, such as Android, iOS and Windows Phone devices.

Whether or not you choose a business anti-virus product that also includes mobile phone support, you may wish to install AVS on your mobile device. Very few Android or iOS-based mobile phones get infected by malware, and both Google and Apple do a good job of scanning for infections in their app stores. Nevertheless, you may benefit from the peace of mind in knowing your mobile devices are protected – especially if you store sensitive data on your phone.

Some business-focused AVS packages may include centralized management for various endpoints.

This management layer might enable you to control the applications installed on various devices while also letting you see which of the computers used by your team have recently updated anti-virus signatures.

Free or paid?

If you run Windows 8, you already are protected by Microsoft’s AVS, which is called Windows Defender. However, this AVS typically is viewed as a baseline system only.

This product, and others, shows up in reputable online AVS tests, which should be your first ports of call when choosing an AVS. For example, AVTest (www.av-test.org) tests the major AVS products every four months or so, ranking them by the level of protection provided, performance and usability.

When choosing your AVS, anti-virus test sites can be a useful way to decide which anti-virus programs are legitimate. Fake AVS have become a big problem, especially on the Windows PC platform.

Crooks often will create online “pop-up” windows on websites warning visitors that their computer has been infected, and asking visitors to download the crook’s own AVS. Thus, the AVS itself infects your computer.

Not all free AVS is fake, though. You often can find free versions of AVS packages near the top of the AVTest rankings. But free versions typically are found only for single-computer AVS that is designed for home or small-office/home-office users, and these are typically stripped-down AVS applications that provide only a basic level of protection.

These free AVS apps may often be enough for a small advisory practice, though, and they raise an interesting question: what level of protection do you want?

Extra features

At the very least, your AVS should regularly scan your system for known viruses, as well as scan new files as they are created. Free AVS will do this – and, frequently, do it very well. Many AVS suppliers offer more advanced options, however, often in a premium “total security”-style package.

These premium features include checking websites as you visit them to ensure that they won’t download any suspicious code to your computer. This premium AVS also may include anti-spam protection to eliminate incoming emails that may contain links that will infect your machine.

Still other premium AVS features “application control,” which enables you to create a list of applications that you are happy to run on your computer, thus effectively blocking any software not on the list.

Common sense

Remember that no AVS product can promise to make you entirely secure. Cybercriminals and security software companies are engaged in a constant cat-and-mouse game, in which one party innovates and the other catches up. Some attackers deliberately test their malware against the top AVS packages to try to avoid detection.

The fact that no single AVS product can guarantee complete protection may be tough to swallow, but there are actions you can take to decrease your chances of infection. In addition to the AVS that you should be running, avoiding spurious websites will reduce your risk dramatically.

Do not open suspicious attachments or links in your incoming emails – even when they appear to be from people you know. Check with purported senders first to ensure that they really did send the emails.

And encrypting all client data is a must.

The truly paranoid among you may even consider doing things that could be vectors for infection – such as accessing non-work websites via your web browser – on a separate “virtual” platform. These platforms are software-based PCs designed to run within Windows or Mac OS, effectively giving you a second operating system within your operating system. This can be a good way of “sandboxing” dangerous activity, preventing anything inside your virtual machine from infecting your “real” operating system.

© 2015 Investment Executive. All rights reserved.