The answer to this question used to be a very complex “yes”. It used to be that getting all the protection you need involved running multiple programs. And, as you might expect, running multiple programs, if done incorrectly, can result in problems.
Today, things are simpler.
Become a Patron of Ask Leo! and go ad-free!
What you used to need
Once upon a time, you needed three separate types of security tools:
- Anti-virus: these tools scan for known patterns of data found within previously identified malicious software, or watching for those patterns in data being downloaded to your computer.
- Anti-spyware: these tools monitor for suspicious behaviors or changes on your system associated with software attempting to spy on you.
- Firewall: these tools block access to your computer over your network connection.
It was complex, because some tools in one category attempted to cover (or partially cover) one or both of the others — often poorly — and could easily conflict with other security tools installed.
No longer needed: a firewall
I want to remove firewalls from the discussion right away. It’s not that you don’t need one — you do — it’s that you likely have one (perhaps two) without even realizing it.
- Your router acts as a firewall. For many years, I’ve suggested that’s all you really need.
- Windows now includes its own software firewall, and since Windows 7, it’s enabled by default. This, too, would be enough by itself.
The two together handle any firewall needs quite well. I see no need to install an additional firewall.
Today’s standard: a single anti-malware tool
“Malware” — short for “malicious software” — is an all-encompassing term for viruses, spyware, and anything else we might consider harmful.
Anti-malware tools today cover both anti-virus and anti-spyware.
In many ways, this was inevitable, as the line between the two has become blurry. More and more viruses employ spyware-like tactics, and a lot of spyware acts more like a virus.
That the tools to scan for either would merge into a single effort only makes sense. And that’s what the industry has effectively settled on.
I used to say that a single “security suite”, as they were once called, typically compromised the quality of either the anti-virus or anti-spyware component. For example, they might be a good anti-virus tool being packaged with a lower-quality anti-spyware tool.
Today, that inequality has mostly fallen by the wayside, and you’d be hard pressed to find a tool that doesn’t address both adequately.
Windows 10: you have all you need
If you’re running Windows 10, you already have everything you need.
- The Windows firewall is enabled by default.
- Windows Defender is enabled by default, and handles all anti-malware needs.
You’re welcome to install an additional anti-malware tool if you feel the need. If you do, Window Defender will turn itself off and stay out of the way, so you’ll still only be running a single anti-malware tool.
Multiple anti-malware tools can cause problems, which is why Defender steps aside. The same is true if you install even more security software. The potential for conflicts between the software increases, which, in the worst case, can prevent any of them from working properly.
You need only one, and for most people, that one is Windows Defender.
A case for more than one
There is one scenario in which an additional anti-malware tool might be called for.
If, for some reason, you suspect malware has made it past the anti-malware tool you run normally, it’s advisable to download and run a different tool, from a different vendor, and run an additional scan.
If your primary anti-malware tool is Windows Defender, remember that it steps aside if another anti-malware tool is installed. That mean you’ll either need to switch to the new tool you’ve just downloaded and installed, or you’ll need to uninstall it once you’re done, making sure to confirm that Windows Defender is enabled once again (just check its settings).
Note that when installing an additional tool alongside another that doesn’t step aside, it’s important to avoid enabling any “real time” scanning, as that’s where multiple anti-malware tools most commonly conflict.