Feeds

Encryption vs anti-virus

Is there a way past the deadlock?

  • alert
  • submit to reddit

Secure remote control for conventional and virtual desktops

The proper integration of encryption and anti-virus software is the only way to stop the two security tools continuing to work at crossed purposes, according to virus hunters at Kaspersky Labs.

Traditionally anti-virus and encryption, although opposite sides of the same coin, have not been particularly complementary.

Michael Kalinichenko, the technical director at Kaspersky, said that properly integrating the two was a big logical challenge, and that it had to be approached sensibly.

"If a company has its antivirus software outside the LAN, but the encryption software at the desktop, then a virus that arrives in an encrypted message can get into the LAN and will be able to move unchecked around the network," he said.

On the other hand, if the encryption program runs outside the LAN, then "you would need a group key which kind of defeats the object of the exercise," according to Bob Middleton, marketing director at Kaspersky reseller Oxford Solutions.

Another problem, according to Denis Zenkin, head of corporate communications at Kaspersky, is that people using both anti-virus and data encryption are often lulled into a false sense of security.

He explained that because the anti virus software's priority is to be the first program to handle any incoming data, in may beat the decryption algorithm to the file. "It is a question of configuration," he said, "But if a file containing malicious code is scanned while still encrypted, it would be given the all clear."

Although no concrete solution to the problem has been put forward, the fact that an anti-virus company is thinking in terms of encryption is an important shift in attitude. ®

Next gen security for virtualised datacentres

More from The Register

next story
Why has the web gone to hell? Market chaos and HUMAN NATURE
Tim Berners-Lee isn't happy, but we should be
Linux turns 23 and Linus Torvalds celebrates as only he can
No, not with swearing, but by controlling the release cycle
Apple promises to lift Curse of the Drained iPhone 5 Battery
Have you tried turning it off and...? Never mind, here's a replacement
Sin COS to tan Windows? Chinese operating system to debut in autumn – report
Development alliance working on desktop, mobe software
Eat up Martha! Microsoft slings handwriting recog into OneNote on Android
Freehand input on non-Windows kit for the first time
This is how I set about making a fortune with my own startup
Would you leave your well-paid job to chase your dream?
(Not so) Instagram now: Time-shifting Hyperlapse iPhone tool unleashed
Photos app now able to shoot fast-moving videos
prev story

Whitepapers

A new approach to endpoint data protection
What is the best way to ensure comprehensive visibility, management, and control of information on both company-owned and employee-owned devices?
Implementing global e-invoicing with guaranteed legal certainty
Explaining the role local tax compliance plays in successful supply chain management and e-business and how leading global brands are addressing this.
Maximize storage efficiency across the enterprise
The HP StoreOnce backup solution offers highly flexible, centrally managed, and highly efficient data protection for any enterprise.
How modern custom applications can spur business growth
Learn how to create, deploy and manage custom applications without consuming or expanding the need for scarce, expensive IT resources.
Next gen security for virtualised datacentres
Legacy security solutions are inefficient due to the architectural differences between physical and virtual environments.