Technology in terms you understand. Sign up for the Confident Computing newsletter for weekly solutions to make your life easier. Click here and get The Ask Leo! Guide to Staying Safe on the Internet — FREE Edition as my thank you for subscribing!

What's the minimum amount of internet security software I need?

Question:

I have 32 bit version of Widows XP running on cable connection. What is the
bare minimum a single user needs to protect himself from malware, viruses and
such? Right now I use Zone Alarm, AVG professional, Windows internet security
settings, ad aware, spaminator, Advance system care and IO Bit, Glary
Utilities. Some of these have passive features that run in the background, like
ad aware and IOBIT and maybe system care and who knows what else may be
running. I’ve been nailed by a trojan twice, and lost all each time. Then
sometimes when AVG finds something, says it is locked or archived and can’t do
anything. Anyway, back to original question. What would you use on your PC if
you were me for security that would cover all bases without the apps stepping
on each other’s toes making problems worse.

One of the common scenarios I see are folks that have many more internet
security tools and software running than they need. Way more.

And of course they wonder why their system is a slow as molasses.

I don’t know if you’re in that boat, but that does seem like a long list of things. Too long for my tastes.

It doesn’t have to be complex, but there are definitely a few things that
most people don’t realize or think of when it comes to internet security.
I won’t share what I would do; I’ll share what I
actually do. What you should do is very, very similar.

]]>

The Single Most Important Internet Security Tool

The most important tool you should run is not something you may think of as an internet security tool at all. And as important as it is many people don’t run it, and they should.

In my opinion the single most important tool you can run when you’re concerned about internet security is a regularly scheduled backup.

“Beyond these basics I rarely see a need to install or run additional tools, scanners, protection services or whatnot on a PC. “

No, it won’t protect you from anything – however what a good backup will do is allow you to recover from almost anything that happens to your personal computer.

And don’t fool yourself into thinking that with the right protection you’ll never have a problem – it can still happen even with the best available security setup possible. There’s simply no such thing as perfect security. Even if you’re doing everything right your machine runs a risk of still getting infected. Having a backup – ideally an image backup of your entire machine – will allow you to “undo” whatever problem might arrive on your machine with absolute certainty that the issue is gone.

That’s something that only a backup – or a reformat and reinstall – can do.

The Big Four

The basics of computer security software fall into four basic buckets: firewalls, anti-virus tools, anti-spyware tools and staying up-to-date.

Firewall

You need a firewall. This can be in the form of a router that you computer connects to the internet through, or it can be software installed on your machine.

I prefer the router approach, because it requires no additional software on your machine. Routers are inexpensive, and they give you complete protection against network based threats coming in from the internet.

Alternately you can make sure the Windows Firewall is enabled, or you can install additional more comprehensive firewall software that would monitor outgoing as well as incoming network behaviour.

Firewall: you need one. And you only need one.

Anti-virus

You need a good anti-virus package. There are many, of course, and there are a few free ones I recommend.

Anti-virus is one of the areas where I see people thinking “if one is good, two must be better!”. Unfortunately it doesn’t work that way. As you’ve pointed out many anti-virus solutions install software that runs continuously to monitor for incoming threats. Unfortunately, if two (or more) different anti-virus tools both have this continuously running software they can come into conflict with each other. The result at best is a slower system, and at worst is viruses being missed, or benign files being erroneously flagged as containing a virus.

Anti-virus: you need one, and should only have one installed and running at any given time. It’s sometimes handy to have additional packages available to help diagnose a threat as needed, but only as needed. They should never be installed and operating continuously. For most folks I recommend settling on a single anti-virus tool and leaving it at that.

Anti-Spyware

You need a good anti-spyware package. This is in addition to your anti-virus tool. While the line is often blurred between the two, viruses and spyware are technically two different animals, and the corresponding anti-virus and anti-spyware tools use different techniques to do their jobs.

Once again, there are many, and once again there are a few free ones I recommend.

Anti-spyware: you need one, and once again like anti-virus you should only have one running at a time. Anti-spyware tools also have components that run continuously and if multiple anti-spyware tools are running at the same time they can come into conflict.

Staying Up To Date

Vulnerabilities are being discovered in software all the time. They may be the result of bugs that have been in place for years, or they may be the result of unplanned for usage scenarios, or they may simply be an unexpected side effect of a recent bug fix or feature addition. Regardless of the reasons, vulnerabilities are being discovered regularly in all software, and as a result new malware is constantly being written to immediately take advantage of those machines that have yet to be patched to resolve the problem.

The solution is simple: stay up to date.

In general, that means making sure that Windows Update is enabled and configured to automatically install updates. Make sure that your anti-malware tools above, as well as most applications on your machine are also configured to update automatically as well.

Automatic Updates: turn them on.

Beyond the Basics

The tools above are enough. In fact, they represent what I actually run on every machine I own. Beyond these basics I rarely see a need to install or run additional tools, scanners, protection services or whatnot on a PC. I know some feel otherwise about some favorite tool or service that they’re quite happy with; that’s great. You can evaluate each on it’s own merits, but my position is that they’re not required, particularly when looking for the bare minimum tools to run.

Common Sense is Not Optional

Contrary to what I said above, the most important security tool isn’t actually software that you install on your computer. It’s not a service you sign up for, and it’s not a website you visit.

The most important security tool is really you.

There is no security setup that will protect you from yourself. If you elect to visit questionable web sites, ignore warnings that you don’t understand, allow software to be downloaded and installed on your machine regardless of its source, or regularly click on links or open attachments in email you don’t recognize … nothing you install on your computer will protect you.

The good news is that common sense requires no RAM, no hard disk space and takes no CPU cycles.

You just have remember to use it.

Do this

Subscribe to Confident Computing! Less frustration and more confidence, solutions, answers, and tips in your inbox every week.

I'll see you there!

13 comments on “What's the minimum amount of internet security software I need?”

  1. Leo has some good advice here.
    Lets see…
    I use the Windows firewall, along with Defender (free).
    I use Avast! Antivirus Home edition (free).
    This has realtime background ‘shields’, though I don’t know if it runs sceduled scans. I run scans myself regularly.
    I use Seek & Destroy anti-spyware (free).
    This also has realtime checking, and I manually scan and protect my system regularly.
    I pay a visit to Trent Micro’s HouseCall (free) for an online scan if I’m feeling paranoid.

    Reply
  2. Good advice on the Backup and Common Sense! I run a layered defense that I describe on my Free Computer Protection page that reinforces everything you say in this post. The program I would recommend everyone use is WinPatrol. It’s light on system resources and has some nice features for both security and controlling startup programs.

    Reply
  3. Automatic updates?

    No, NO! Turn them OFF!

    But DO be sure to visit the Microsoft Update page, religiously, about ten days after (you’ll see why in a moment) every Patch Tuesday, and click Custom (NOT Express!) so that you can see precisely what updates you are getting.

    Be sure to subscribe to “Windows Secrets”, which gives you the low-down on which updates are problematical, and should be skipped. (This is why I said earlier to wait ten days after Patch Tuesday — “Windows Secrets” needs this time to examine the various patches and/or to receive complaints or reviews about them from subscribers). Not all patches are useful to you, and some may actually be harmful (How about that! Microsoft, the very maker of your computer’s operating system, distributing a harmful patch! Who woulda thunk it!?). I’ve “hidden” more than one update in my day; believe me, you’ll end up doing the same.

    The person who enables Automatic Updates and simply takes absolutely “EVERYTHING” as it comes is, in my opinion, begging for trouble.

    Automatic Updates is for simpletons who are too stupid to know how to use a computer.

    If that shoe fits, you’re more than welcome to wear it — please, enable Automatic Updates and good luck to you.

    Otherwise, turn them OFF, and go the Manual route.     :)

    Needless to say, we disagree. Smile

    I understand the position you’re taking – and for most somewhat technically astute people it does in fact make sense. Even I have automatic updates set to download but not install so I can review the updates before they’re applied.

    But I believe that this is expecting too much of the average user. Evaluating whether a specific update is safe or not just isn’t something that I think makes sense to ask people to do so – even with the help of Windows Secrets. The only viable alternatives for the average user are no updates at all (a non-starter for many, many reasons), or to take all automatic updates automatically.

    The good news is that the number of times that an automatic update has affected large numbers of people is actually very small.

    Leo
    25-Jun-2010

    Reply
  4. Great advise. Although not mentioned in this article, there are a completely different host of potential problems that are possible if connected to the internet in a free hot-spot such as a coffee house or hotel. This is something I am trying to figure out now myself, but I do not believe the above completely protects you in this situation.

    Reply
  5. Respectfully,parts of the advice might be a tad out of date.
    Microsoft Defender has been replaced by Microsoft Security Essentials which is a free antivirus/anti spy suite and is ‘live’ therefore other programs should not be run live as well or conflicts and speed issues will occur.
    Win Patrol{Google} is an excellent adjunct to MSSE which does not conflict.Win Patrol just reports & asks is it OK when other software tries to make critical alterations to your system.A free version is available.

    Jp

    Reply
  6. I thought your comments about back up being the most important item was thought provoking for me. Even though checking/having security etc, I got a wopper of bots/virus/trojans and nothing would resolve it and had to reformat it was so deep/bad! My question about back up is when I clicked on a link (from India I believe) it when I got in trouble. PC was completely taken over more each day; I would like to know if my backup contains that link, am I at a loss for the last years links I saved? Is there anyway to print out a >list
    Can you please email with your thoughts.

    Reply
  7. Thanks for the advice Leo, it’s great to have you provide this kind of information. I imagine there are plenty of people out there who simply do not have the time or the interest to visit a website once a week and spend more time deciding which updates they need or don’t need to install. I think most people that I know just want something that works and I believe your approach is probably as good as it gets for the majority. I’m sure there are plenty more technically minded people like Glenn P. out there that could follow a different approach – but then I question why they need to be looking at your post in the first place when they are clearly not your audience!

    Reply
  8. Regarding “back-ups”. I need some help. Though careful surfer, I had a complete take over of my PC after downloading a link in India. It was so bad; reformatted. I think in my backup copies (I don’t know *how far back*) lurks the link that was trouble; I >THINKopening

    Reply
  9. There is no “minimum” amount of internet security. The more the better. Especially when it comes to spyware which seems to be more of an issue than viruses nowadays.

    There are plenty of good free antispyware programs you can download and install.

    http://www.onlinecomputertips.com/spyware/

    There is most definitely such a thing as too much internet security. Having too many security programs is, in fact, one of the most common reasons for excessive system slowdowns. You need to be careful and choose wisely, not just pile on more.

    Leo
    09-Sep-2010

    Reply
  10. I emphatically agree with Leo’s last response, which is why I don’t use any, other than AdAware and Spybot S&D both of which I use only infrequently and they never find much. But I do use Opera, which is less of a target for malware even than Firefox, and I block most adware and delete all cookies on exiting the browser.
    The best piece of advice Leo gave is to use common sense, aka caution. All the malware in the world won’t offer complete security, because there’s always the timelag from a vulnerability being discovered until the anti-malware software is updated.

    Reply

Leave a reply:

Before commenting please:

  • Read the article.
  • Comment on the article.
  • No personal information.
  • No spam.

Comments violating those rules will be removed. Comments that don't add value will be removed, including off-topic or content-free comments, or comments that look even a little bit like spam. All comments containing links and certain keywords will be moderated before publication.

I want comments to be valuable for everyone, including those who come later and take the time to read.