2017 so far has been the year of Anti-Virus software. Many pundits have called for the death of traditional Anti-Virus because only a small interface is running on the workstation while the actual scanning takes place in a data center. Also recently, the discussion about Kaspersky’s collusion with Russia has made headlines several times this year. You may have some questions regarding this, such as-
- Is Anti-Virus relevant in today’s cloud driven world?
- What are the real risks of using Kaspersky software?
- How do I filter out technical opinion versus technical journalism?
Is Anti-Virus relevant in today’s cloud driven world? In this hypersensitive cyber security world, Anti-Virus can be the last defense for malicious activity on your device. Protection against malicious activity will always be required as long as we as users make changes. If code was perfect and no one could make changes, the expensive protections we have in place would not serve a purpose. I do not see this coming anytime soon and would argue that it is not possible in the near future. Security products including Anti-Virus software will be included as a multi point security initiative. The Cloud has only magnified the need for localized security of your devices. Large cloud data centers have a greater risk based on size. Your device is 1 of 1,000,000 or 1 of 10,000,000 and with all of that data, the parameters for risk are different than 1 of 1,000. Not to mention that once your information leaves your local network, you no longer have control where that data goes. Each user/network has different tolerance for risk. The closer you keep your data to the origin, the easier it is to protect.
What are the real risks of using Kaspersky software? The US Government has had a suspicion of Kaspersky for a long time, based solely on geographical location and their high-level employees work history with the local government. Recently, it has hit an all-time high because of the accusations of Russia trying to influence the 2016 elections. Kaspersky denies all of the accusations about collusion with the Russian government. All Anti-Virus software comes with some kind of risk because the software has complete access to your device. Anti-Virus uses a large database of known threats and compares files on your computer to those threats. Like all Anti-Virus software, Kaspersky is a high value target for exploiting vulnerabilities. They also help in discovering vulnerabilities for governments, software companies, and private industry, as do all Anti-Virus companies. Currently we have no evidence that Kaspersky is helping the Russian government to spy on users around the globe. The recommendations by the US government is largely based on a Russian law that could force Kaspersky to help the Russian government at their request. This is definitely a risk but is not any greater than any other Anti-Virus company. You can parallel this to the US governments request to Apple or other software companies in the US for backdoors or decreasing the strength of encryption. As technology grows in our daily life so will the struggle of safety and privacy.
Bennett Office Technologies continues to monitor Kaspersky’s conflict with the US government. We have had conversations with Kaspersky and other resellers about this issue. We will continue to use Kaspersky, until there is proof that Kaspersky is allowing unauthorized state sponsored investigation. This does not mean we do not have measures in place if proof does surface. Here are the main reasons why we are currently continuing to use Kaspersky.
- Kaspersky is consistently in the top three products for providing anti-virus and anti-malware protection.
- A proper installation of the product lets the user choose whether to send findings back to Kaspersky Labs for analysis. Our installation method does NOT send any data to Kaspersky
- Source code is still used in other technologies* (more below)
- Kaspersky causes the least amount of impact on machine performance
- Kaspersky provides us the most cost effective means of providing those services
- None of the allegations made by the Department of Homeland Security or the media contains any proof, just speculation.** (more below)
Kaspersky has a Geopolitical clause in their end user agreements. This clause says if the end users are forced to stop using Kaspersky by Government directives, a refund can be made to users.
*Kaspersky source code, which is the core process that looks for threats, are integrated in several other software products. Companies like Amazon Web Services and Microsoft 365 use Kaspersky code for threat protection. Neither of these large companies has expressed any concerns over the recent media reports about collusion with the Russian government.
** Common Vulnerabilities and Exposures (CVEs) is an organization funded in large part by the Department of Homeland Security. CVEs researches products for vulnerabilities and reports them to the concerning parties and then to the public. Kaspersky is 1 of 7 organizations that has and continues to participate in the initiative.
How can I filter out technical opinion versus technical journalism? This is a struggle in the technical world as much as it is in the media. The shock and awe method of news ratings is at a new high in all aspects of our lives. Media is looking to grab attention or being used for a personal or organizational agendas. Technology is complicated and often time’s an opinion is used as a shortcut to make it understandable. Krebs on Security is a website that reports on his own investigations and only uses other news organizations for context for his articles. International Data Group (IDG) runs several credible websites based on what you are researching
and https://www.csoonline.com/ are just a few.
As always, we are here to help. If you have questions regarding technical information that you receive or regarding Kaspersky, please contact us!