Feeds

Encryption vs anti-virus

Is there a way past the deadlock?

  • alert
  • submit to reddit

Top 5 reasons to deploy VMware with Tegile

The proper integration of encryption and anti-virus software is the only way to stop the two security tools continuing to work at crossed purposes, according to virus hunters at Kaspersky Labs.

Traditionally anti-virus and encryption, although opposite sides of the same coin, have not been particularly complementary.

Michael Kalinichenko, the technical director at Kaspersky, said that properly integrating the two was a big logical challenge, and that it had to be approached sensibly.

"If a company has its antivirus software outside the LAN, but the encryption software at the desktop, then a virus that arrives in an encrypted message can get into the LAN and will be able to move unchecked around the network," he said.

On the other hand, if the encryption program runs outside the LAN, then "you would need a group key which kind of defeats the object of the exercise," according to Bob Middleton, marketing director at Kaspersky reseller Oxford Solutions.

Another problem, according to Denis Zenkin, head of corporate communications at Kaspersky, is that people using both anti-virus and data encryption are often lulled into a false sense of security.

He explained that because the anti virus software's priority is to be the first program to handle any incoming data, in may beat the decryption algorithm to the file. "It is a question of configuration," he said, "But if a file containing malicious code is scanned while still encrypted, it would be given the all clear."

Although no concrete solution to the problem has been put forward, the fact that an anti-virus company is thinking in terms of encryption is an important shift in attitude. ®

Remote control for virtualized desktops

More from The Register

next story
Nexus 7 fandroids tell of salty taste after sucking on Google's Lollipop
Web giant looking into why version 5.0 of Android is crippling older slabs
Be real, Apple: In-app goodie grab games AREN'T FREE – EU
Cupertino stands down after Euro legal threats
Download alert: Nearly ALL top 100 Android, iOS paid apps hacked
Attack of the Clones? Yeah, but much, much scarier – report
Microsoft: Your Linux Docker containers are now OURS to command
New tool lets admins wrangle Linux apps from Windows
Bada-Bing! Mozilla flips Firefox to YAHOO! for search
Microsoft system will be the default for browser in US until 2020
prev story

Whitepapers

Why and how to choose the right cloud vendor
The benefits of cloud-based storage in your processes. Eliminate onsite, disk-based backup and archiving in favor of cloud-based data protection.
Getting started with customer-focused identity management
Learn why identity is a fundamental requirement to digital growth, and how without it there is no way to identify and engage customers in a meaningful way.
High Performance for All
While HPC is not new, it has traditionally been seen as a specialist area – is it now geared up to meet more mainstream requirements?
Beginner's guide to SSL certificates
De-mystify the technology involved and give you the information you need to make the best decision when considering your online security options.
New hybrid storage solutions
Tackling data challenges through emerging hybrid storage solutions that enable optimum database performance whilst managing costs and increasingly large data stores.