| Level
  of
  Protection
  
   
 This
  of
  course
  depends
  on
  many
  factors,
  such
  as:
  
  
   1.
  The
  sensitivity
  of
  the
  data
  on
  your
  PC's.
  
  
   2.
  The
  number
  of
  personnel
  having
  access
  to
  your
  PC's.
  
  
   3.
  The
  security
  awareness
  of
  computing
  personnel.
  
  
   4.
  The
  skill
  levels
  of
  computing
  personnel.
  
  
   5.
  Attitudes,
  ethics,
  and
  morale
  of
  computing
  personnel.
  
  
   A
  key
  point
  of
  consideration
  is
  the
  threshold
  for
  the
  amount
  of
  security
  you
  can
  use
  versus
  its
  impact
  on
  normal
  productivity.
  
  
   Human
  nature
  must
  also
  be
  considered.
  If
  you
  were
  to
  install
  10
  locks
  on
  your
  front
  door
  and
  it
  cost
  you
  5
  minutes
  each
  time
  you
  enter
  your
  home,
  I'll
  bet
  that
  the
  first
  time
  that
  it's
  raining...
  and
  you
  have
  3
  bags
  of
  groceries...
  you'll
  go
  back
  to
  using
  the
  one
  lock
  you
  always
  used.
  
   Software
  is
  one
  of
  the
  ways
  to
  protect
  the
  computer
  from
  virus
  attacks
  but
  how
  can
  software
  really
  help…
  There
  are
  several
  approaches
  that
  have
  been
  developed.
  
  
   One
  form
  is
  an
  "inoculation"
  or
  "signature"
  process,
  whereby
  the
  key
  files
  on
  a
  disk
  are
  marked
  in
  a
  special
  way
  and
  periodically
  checked
  to
  see
  if
  the
  files
  have
  been
  changed.
  Depending
  on
  the
  way
  in
  which
  this
  is
  implemented,
  this
  method
  can
  actually
  interfere
  with
  programs
  that
  have
  built-in
  integrity
  checks.
  
  
   Another
  method
  is
  to
  "Write
  Protect"
  specific
  key
  areas
  of
  the
  disk
  so
  that
  no
  software
  is
  permitted
  to
  change
  the
  data
  in
  those
  places.
  
   Which
  virus
  protection
  package
  is
  right?
  
   Since
  the
  first
  reports
  of
  virus
  attacks
  appeared
  in
  the
  press,
  a
  number
  of
  "Virus
  Prevention"
  products
  have
  quickly
  appeared
  on
  the
  market,
  produced
  by
  companies
  wishing
  to
  take
  advantage
  of
  a
  unique
  market
  opportunity.
  
  
   Those
  companies
  that
  have
  had
  to
  build
  a
  product
  from
  scratch
  during
  this
  limited
  amount
  of
  time
  have
  had
  to
  design
  the
  defensive
  system,
  write
  the
  program
  code,
  write
  the
  user's
  manual,
  design
  the
  packaging,
  "Alpha"
  test,
  "Beta"
  test,
  and
  bring
  their
  product
  through
  manufacturing
  to
  market.
  A
  monumental
  task
  in
  a
  miraculously
  short
  period
  of
  time.
  
  
   Companies
  that
  have
  had
  products
  on
  the
  market
  that
  include
  virus
  protection,
  or
  products
  that
  were
  enhanced
  to
  include
  virus
  protection,
  such
  as
  Disk
  Watcher,
  have
  had
  extra
  time
  and
  field
  experience
  for
  the
  stabilization
  of
  their
  products.
  
  
   As
  a
  professional
  in
  this
  industry,
  I
  sincerely
  hope
  that
  the
  quickly
  developed
  products
  are
  stable
  in
  their
  released
  form.
  
  
   The
  evaluation
  points
  listed
  below
  are
  usually
  applied
  as
  a
  standard
  for
  all
  types
  of
  software
  products:
  
  
   ·        
  Price
  
  
   ·        
  Performance
  
  
   ·        
  Ease
  of
  Use
  
  
   ·        
  Ease
  of
  Learning
  
  
   ·        
  Ease
  of
  Installation
  
  
   ·        
  Documentation
  
  
   ·        
  Copy
  Protection
  
  
   ·        
  Support
  
  
   A
  "Virus
  Protection"
  package,
  like
  a
  security
  system
  for
  your
  home,
  requires
  a
  close
  scrutiny.
  You
  want
  the
  system
  to
  do
  the
  job
  unobtrusively,
  and
  yet
  be
  effective.
  
  
   Special
  consideration
  for
  virus
  protection
  package
  
   1)   
  Amount
  of
  impact
  the
  package
  may
  have
  on
  your
  computer's
  performance:
  -
  If
  the
  package
  is
  "RAM
  Resident,"
  does
  it
  noticeably
  slow
  down
  your
  machine's
  operations?If
  so,
  with
  what
  type
  of
  operation?
  Are
  program
  start-ups
  slowed?
  Are
  database
  operations
  slowed?
 2)   
  Level
  of
  dependency
  on
  operator
  intervention:
  -
  Does
  the
  package
  require
  the
  operator
  to
  perform
  certain
  tasks
  on
  a
  regular
  basis
  in
  order
  for
  it
  to
  be
  effective?
  (Such
  as
  only
  checking
  for
  virus
  conditions
  on
  command.)
  Does
  the
  package
  require
  much
  time
  to
  install
  and
  keep
  operational?
  I.e.:
  Each
  time
  any
  new
  software
  is
  installed
  on
  the
  system,
  must
  the
  protection
  package
  be
  used?
  
   3)   
  Impact
  on
  productivity...
  Annoyance
  level:
  -
  Does
  the
  package
  periodically
  stop
  processing
  and/or
  require
  the
  operator
  to
  take
  some
  action.
  If
  so,
  does
  the
  package
  have
  any
  capability
  to
  learn
  its
  environment
  and
  stop
  its
  interference?
  
   4)   
  False
  alarms:
  -
  How
  does
  the
  package
  handle
  situations
  that
  appear
  to
  be
  viruses
  but
  are
  legitimate
  actions
  made
  by
  legitimate
  programs?
  Are
  there
  situations
  where
  legitimate
  jobs
  will
  have
  to
  be
  re-running
  or
  the
  system
  re-booted
  because
  of
  the
  protection
  package?
  How
  frequently
  will
  this
  occur?
  How
  much
  additional
  end-user
  support
  will
  the
  package
  require?
  
   5)   
  The
  probability
  that
  the
  package
  will
  remain
  in
  use:
  -
  Will
  there
  be
  any
  interference
  or
  usage
  requirements
  that
  will
  discourage
  the
  user
  from
  keeping
  the
  package
  active?
  (It
  won't
  be
  effective
  if
  they
  quickly
  desire
  to
  de-install
  it
  and
  perhaps
  only
  pretend
  they
  are
  using
  it
  when
  management
  is
  present.)
  
   6)   
  Level
  of
  effectiveness
  it
  provides
  in
  combating
  viruses.
  
   Will
  it
  be
  effective
  against
  viruses
  produced
  by
  someone
  with
  an
  experience
  level
  of?
  
  
   Level
  1 -
  "Typical
  End
  User"?
  (Basic
  knowledge
  of
  using
  applications
  and
  DOS
  commands.)Level
  2
  -
  "Power
  User"?
  (Knowledge
  of
  DOS
  Command
  processor,
  Hardware
  functions,
  BASIC
  programming,
  etc.)
 Level
  3
  -
  "Applications
  Programmer"?
  (Knowledge
  of
  programming
  languages
  and
  DOS
  service
  calls.)
 Level
  4
  -
  "Systems
  Engineer"?
  (Knowledge
  of
  DOS
  and
  Hardware
  internal
  functions.)
 Level
  5
  -
  "Computer
  Science
  Professor
  that
  develops
  viruses
  for
  research
  purposes"?
 Which
  types
  of
  intrusion
  will
  it
  be
  effective
  against?
  
  
   "Covert
  Entry"?
  
  
   "Overt
  Entry"?
  
  
   Does
  it
  detect
  a
  virus
  attempting
  to
  spread
  or
  "clone"
  itself?
  
  
   Does
  it
  detect
  a
  virus
  attempting
  to
  place
  itself
  into
  a
  position
  to
  be
  automatically
  run?
  
  
   If
  a
  virus
  gets
  into
  the
  computer,
  which
  types
  of
  virus
  damage
  will
  it
  detect?
  
  
   "Massive
  Destruction"
  
  
   "Partial
  Destruction"
  
  
   "Selective
  Destruction"
  
  
   "Random
  Havoc
  Destruction"
  
  
   "Annoyance"
  
  
   Does
  the
  software
  detect
  a
  virus
  before
  or
  after
  it
  has
  infected
  a
  program
  or
  made
  its
  attack?
  
  
   Does
  the
  publisher
  claim
  total
  protection
  from
  all
  viruses?
  
   7)    
  Does
  the
  software
  provide
  any
  assistance
  for
  "post
  mortem"
  analysis
  of
  suspected
  problems?
  I.e.:
  If
  a
  virus
  symptom
  is
  detected
  and
  the
  computer
  is
  brought
  to
  a
  halt,
  is
  there
  any
  supporting
  information
  for
  analyzing
  the
  problem
  other
  than
  the
  operator's
  recall
  of
  events?
  
   8)   
  Impact
  on
  your
  machine's
  resources
  How
  much
  RAM
  is
  used?Is
  any
  special
  hardware
  required?
 9)   
  Is
  the
  product
  compatible
  with:
  Your
  hardware
  configuration.Your
  Operating
  system
  version.
  Your
  network.
 Other
  software
  that
  you
  use,
  especially
  TSR's
 10) 
  Can
  the
  package
  be
  used
  by
  current
  computing
  personnel
  without
  substantial
  training?
  What
  type
  of
  computing
  experience
  is
  required
  to
  install
  the
  package?
  
   11) 
  Background
  of
  the
  publisher.
  References…
  Who
  is
  using
  this
  or
  other
  products
  from
  this
  publisher?
  How
  is
  this
  company
  perceived
  by
  its
  customers?
  The
  press?How
  long
  has
  the
  publisher
  been
  in
  business?
  Was
  the
  product
  Beta
  Tested?
  By
  valid,
  well-known
  organizations
  or
  by
  friends
  of
  the
  company's
  owner?
  Was
  the
  product
  tested
  against
  any
  known
  viruses?
  Successfully?
  What
  about
  on-going
  support?
  In
  what
  form?
  At
  what
  cost?
  Does
  the
  company
  plan
  to
  upgrade
  its
  product
  periodically?
 What
  is
  the
  upgrade
  policy?
  Expected
  costs?
 12) 
  Does
  the
  package
  provide
  any
  other
  useful
  benefits
  to
  the
  user
  besides
  virus
  protection? 
    
 |