Antivirus software is designed to detect, prevent and remove malicious software, aka ‘malware’. The definition of malware covers viruses, worms, trojans, and scareware; depending on the scanner used, it might also include other unwanted programs such as adware and spyware.
There’s not a school in the land that won’t already have some form of protection in place to guard against malware, viruses and hackers – but how can you tell whether the solution you’re using is the best one for your setting?
Schools have numerous options when purchasing antivirus solutions – Avast, AVG, F-Secure, McAfee and Sophos being some of the most well-known – but will benefit most from deploying one that meets their needs in terms of protection, scale and cost. I’d recommend that schools work with providers such as European Electronique (euroele.com), which can conduct security assessments that may reveal vulnerabilities that can be patched with appropriate antivirus software and other protections.
For many years, antivirus providers were able to update their malware signature databases faster than such malware could spread across the internet. Yet times have changed, and malware can now spread faster than ever before, before antivirus providers can even identify it. Virus authors have additionally started producing ‘variants’ – different versions of their illicit programs that function in the same way, but have deliberate changes in their signatures to evade antivirus software.
This might all sound pretty scary for a novice, but the key is to ensure your system is secured at multiple points using a number of different tools. The layered protection schools need to take involves approaching your security in a way that ensures any gaps are covered.
These interventions will include firewalls, endpoint security, cloud security and more. Ultimately, my advice to anyone new to this area would be to seek advice and listen to the professionals. A school’s critical layers of protection can be organised into the following two categories:
Protection against external threats
This applies to any form of intrusion prevention that safeguards a network against invasions from worms (which are harmful software programs that can distribute copies themselves without needing an infected host file to spread themselves, like viruses do) and other forms of malicious attack.
Firewalls and virtual private networks – which allow users to visit online destinations via a more secure encrypted connection – will help to protect your internet access points from letting said threats in. Any that manage to slip through can then be dealt with by your antivirus protection, which can be set to automatically eliminate viruses, worms and other forms of malware.
Protection against internal threats
Your network also needs to be secured against the actions of users, such as the downloading of illicit or dangerous files. This can be managed by putting secure web and email filtering in place, alongside a robust event management policy which should ensure that the event logs of all servers and workstations can be easily retrieved and that IT managers are alerted to any intrusions or attacks in real time.
Gary Spracklen is headteacher at The Prince of Wales School, Dorchester, a former Digital Educator of the Year and a member of the government’s Educational Technology Action Group.