It’s Friday afternoon—deadline day. Everyone is dreaming of home or post-work drinks at the bar. Just a few more hours to go, and that last project to complete. But what’s this now? Is it time for the weekly virus scan? There goes your early finish.
In most offices, you know it’s time for the weekly virus scan when:
- There’s a long line at the coffee machine.
- People are spinning their chairs and/or banging their heads on the desk.
- The air is filled with the sounds of furious clicking and keyboard bashing.
- Everyone is scowling at the IT team.
But it’s not just the disappointment of missing Happy Hour. The culprit is your good old traditional AV software.
Why Does Antivirus Slow Down Your PC?
In addition to the usual partial scans, traditional AV solutions perform an extra complete scan of your hard disk, usually on a Friday afternoon.
This additional scan checks whether any unsafe files have slipped through the surveillance performed by regular monitoring. Every file on your hard drive is assessed for known threats, so you can imagine this might take a while.
This extra scan takes up so many resources that your system slows to a snail’s pace.
It’s frustrating even for a very Zen person. If you have a normal level of patience, you’d better step away from the offending device for the sake of your blood pressure.
Traditional Antivirus Only Recognises Known Threats
Antivirus software focuses on recognising files that have previously been known to cause damage or files that are poorly listed. But with the threats faced today, this level of protection isn’t enough any more. Why?
Attackers are simply smart enough to dress up known threats in new jackets—and of course, many of the threats are unknown.
75% of Successful Attacks Are ‘File-Less’
Even more worrying, 75% of all successful cyber attacks last year did not involve a malicious file. These so-called ‘file-less attacks’ no longer need a file as a delivery mechanism but can be implanted directly into the device’s memory when a user visits an infected website.
Worse still, most antivirus solutions are completely blind to this type of threat, which has naturally become a popular method of attack.
It’s a Poor Fit in a VDI Environment
You opted for desktop virtualisation because it offers greater flexibility and efficiency. Multiple simultaneous sessions can be facilitated using as few computing resources as possible.
Unfortunately, this setup does not suit traditional antivirus solutions at all.
Traditional AV solutions depend on a local database of descriptions (file hashes) that tell us which files are good and which are bad. To be effective, this database has to be kept up-to-date. Every time you start a new VDI session, this local database is rendered obsolete, so it should be updated each time you open a new VDI session, which takes time and resources.
Next Generation Endpoint Protection
SentinelOne’s ‘next generation’ endpoint security solution recognises suspicious behaviour within applications rather than solely focusing on detecting infected files. It provides protection against both file-based and file-less threats, regardless of whether they have been seen elsewhere before.
True ‘next generation’ endpoint security solutions do not depend on a local database of good and bad files, so they are always up-to-date, even when starting a new VDI session.
The Weekly Virus Scan is Heavily Outdated
Why do you even need a weekly scan? Isn’t the antivirus solution checking all the files as they arrive? What more can they detect in this extra scan? And why focus on file-based threats when attackers are moving towards file-less attacks?
It can be tempting to continue with the status quo. Still, you can be sure that cyber criminals are constantly modifying and improving their tactics, particularly as almost 1 million new malware variants are released daily.
Reclaim your Happy Hour and all the other time lost to traditional antivirus solutions with a next-generation endpoint security solution designed for the current cyber security and IT environment.
About SentinelOne
Autonomous Endpoint Protection
SentinelOne’s Endpoint Protection Platform (EPP) provides organisations with real-time, unified endpoint protection, unifying prevention, detection, and response on one platform.
SentinelOne EPP leverages advanced machine learning and intelligent automation to prevent and detect attacks across all major vectors, with rapid elimination of threats, fully automated policy-driven response, and complete visibility into the endpoint with real-time forensics.
Certified AV Replacement
The independent antivirus research institute (AV-TEST) has awarded SentinelOne EPP the Approved Corporate Endpoint Protection certification for both Windows and OS X, which validates its effectiveness for both detecting advanced malware and blocking known threats. SentinelOne is the only next-generation endpoint protection vendor to obtain this certification on both platforms.