Saturday, April 26, 2008

Managed Security Services: the home-users edition

If you think about security problems nowadays, it would be either corporate security problems, or home-users security problems. Most security vendors are focusing on the first one, because simply there is the cash. But who will help the clueless end user, who got his new laptop or desktop and he has nothing to do with Internet security. Ok, you may tell me that OEM shipped computers come with antivirus already installed there. Stop! Norton Antivirus has to be activated before it starts working. Also, evaluation versions run for 1 month, or 2 months. Then what? It will stop updating definitions or even stop working at all. Here where the problem starts, end users have to be managed somehow by someone. The nearest one is their lovely ISP. ISPs can play an effective role here, because the user is connecting through their proxy servers, DNS servers, web filtering servers …etc. But what if we add one more server to this mix, an Antivirus server! Let their marketing departments start new campaigns (ex. AV for everyone), gain more money, and build a secure Internet users community at the same time.

Technically, it’s not more than installing a corporate edition antivirus (clients/server) and deploying the agents to the paying customers who preferred to leave the antivirus management to the ISP’s technical support. What are the advantages of such a service? Well, it will fix many issues, such as (commercial AV licensing, insecure default AV installation, corrupted AV files which may stay for ever showing bogus notifications, updating definitions using the ISP hosted server which will defeat local poisoned AV vendor’s domain record (ex. ---> 127.0.01) which makes virus definitions update is impossible.

I hope that ISPs start taking some responsibility and stand beside their users, which make them better than the others.

If you have any comment, share it with us here …