Adapted and excerpted from The 2014 Solo and Small Firm Legal Technology Guide, published by the ABA Law Practice Division.
Security software provides an important line of defense against malware, including viruses, Trojan horses, worms, and other external forces. Even in a solo or small firm network, your client data is of the utmost importance and securing your computers, servers, smartphones, and information should be taken very seriously. The top security protection suites providing antivirus, antispyware, and antispam protection for are discussed below, with recommendations regarding the setup and configuration of the software.
The software selections described in the stand-alone section are primarily for the computers and laptops of solo practitioners.
We no longer recommend stand-alone products for targeted protection, such as antivirus protection. This type of software is not sufficient today to keep your systems protected. The Internet security suites are the only way to go, where you get much more functionality, features, and protection for your computer at a much more affordable price.
Solos and small firms should definitely consider acquiring a single integrated product to deal with spam, viruses, and malware. Norton’s security suite is a top seller for the single computer market, but we highly recommend avoiding the Norton Internet Security Suite software. We continue to find it, along with McAfee, to be a heavy load on computer processing, and it causes stability problems with many programs. It is also hard to remove once installed without causing further damage to your system.
We continue to remove McAfee from our clients’ computers because of performance issues. Maybe it’s our bad luck, but Norton and McAfee seem to cause our clients the biggest headaches.
For those users who want avoid the problems caused by Norton and McAfee, we recommend using Kaspersky Internet Security 2014, especially if you like your security suites to be hassle-free. This product contains firewall, antivirus, antispyware, rootkit detection, antispam protection, and much more. The antivirus engine that Kaspersky uses has been consistently highly ranked by independent testing labs.
The firewall included with this software provides two-way protection, scanning both incoming and outgoing network traffic, effectively blocking any hacker attacks against your system. The automatic exploit protection engine watches program behavior and aims to block zero-day vulnerabilities in the most commonly used software. The anti-phishing engine and URL advisor will keep you safe from drive-by malware while browsing the Internet, and the anti-banner blocks annoying banner and other advertisements on web pages. With all the bonus features included in this protection suite, purchasing this product is a very good deal. Kaspersky is available directly from www.kaspersky.com and costs $59.95 for one-year protection on up to three computers. This is an excellent choice for the small firm environment and it is even Windows 8 compatible.
Enterprise versions of integrated security solutions are designed for small, medium, and large computer networks, and the software administration is performed from the server rather than on each individual computer system. The client software is installed or pushed from the central server to the local workstations with little or no effort. The server supplies the clients with program and definition updates and provides an interface to centrally manage all clients from a single console. Of course, enterprise licenses are a little bit more costly than purchasing a single license, but not by much. Even with the slight increase in cost for an enterprise license, you’ll more than make up for it on the money you will not have to pay your IT consultant to manage and support the product.
Integrated Security Solutions
Kaspersky Business Space Security protects Windows, Novell NetWare, Linux-based servers (including 64-bit versions), and even Mac computers from all types of malicious programs and threats. The product provides protection from threats such as viruses, Trojans, worms, keyloggers, malware, rootkits, bots, etc. This is now the standard that we are seeing in the security product market. Former providers of antivirus software are providing protection from spyware and other malware, offering a more complete security solution to their business customers and all but eliminating the need for multiple applications to protect your systems from viruses and malware. This software provides real-time protection by scanning all files that are opened and quarantining infected files. The application can scan specified areas of the file system based on preconfigured, scheduled scans or on demand from the administrator. The scanning of critical system areas, such as running processes and startup objects, helps prevent malicious code from launching, and the ability to scan inside compound files provides an extra layer of protection.
Kaspersky Business Space Security software is a scalable security solution, allowing administrators to define the number of instances of the program they would like to run simultaneously to accelerate the processing of server requests. The software offers flexible administration through centralized installation and control. The administration tool can be used centrally to install and manage client applications and, once they are downloaded and installed, to push updates to the clients for rapid deployment of critical security updates.
Kaspersky Business Space Security, similar to other integrated security solutions, scans not only for viruses but also for other threats and malicious programs, such as spyware and keyloggers. In most instances, this solution can serve multiple functions. We use this security solution on our network systems to provide us with complete malware protection. By using an integrated solution that is capable of handling both antivirus and antispyware protection, we have one less product to purchase and renew on a yearly basis. The product also allows for different configuration settings depending on the type of network to which your computer system is currently connected, similar to the way Microsoft Windows 7 handles the different firewall settings.
As the security of smartphones is brought to the public’s attention, more vendors are integrating smartphone security with their products. Kaspersky is no different. Kaspersky Business Space Security offers to protect smartphones from data leaks, malware, and viruses, and it also allows an administrator to remotely lock and wipe the device should it be misplaced, stolen, or lost. Some of the additional key features include GPS tracking, SIM card monitoring, privacy protection, and folder or device encryption. The antispam protection feature works to block both unwanted calls and text messages. Currently, Symbian, BlackBerry, Android, and Windows Mobile smartphones are supported by this product.
Notice that there is no support for iPhones. The sad reality is that Apple does not allow any access to the inner circles (kernel) of the operating system, where security software needs to be to run effectively. As a result, no vendor has a truly complete security solution for the iPhone or iPad.
You’ll just have to trust that Apple has secured the device appropriately, but we have our doubts. Just look at the number of security fixes and patches that are regularly released and how quickly an iOS device is jailbroken as soon as a new iOS version is issued.
There is a 10-license minimum purchase for Kaspersky Business Space Security software. Cost for the product begins at $39 per license and includes technical support and upgrades for a year. Kaspersky is priced much lower per license than its competition and is an affordable, complete security solution that is rapidly taking over the market. This software product is offered for purchase with one-, two-, and three-year subscriptions. Licenses can be obtained directly from Kaspersky’s website (www.kaspersky.com) or from any authorized reseller.
Besides Kaspersky, we also recommend using the enterprise product from Trend Micro. Symantec has fallen from favor, especially since the introduction of its Symantec Endpoint Protection product. We have been diverting clients away from Symantec because of significant performance and stability problems and at this point no longer have any clients using this product. Independent testing has shown that Symantec is improving its product with each new version. It is getting better at detection, is less problematic with software conflicts, is more stable, and is not nearly the processor load that prior versions experienced. Even with these improvements, we are reluctant to suggest Symantec.
Trend Micro Worry-Free Business Security is a highly regarded product that is available in three editions: Advanced, Standard, and Services. We don’t recommend the Services solution, as the entire configuration is set up and maintained by Trend Micro as a hosted solution.
All of the editions include antivirus and antispyware capabilities, as well as advanced security features such as the ability to limit or prohibit the insertion and usage of USB devices attached to company computer systems. The software will protect both servers and computers from malicious threats and will automatically change settings on laptops to protect employees when they are out of the office. The software will monitor active processes and applications to prevent unauthorized and harmful changes to your computers. Unlike the Standard Edition, the Advanced Edition includes antispam filtering for Microsoft Exchange Server as well as multilayered spam protection, and it offers protection for Mac clients and servers. Cost for the product starts at around $37 per license for the Standard Edition and $62 per license for the Advanced Edition, which includes technical support and upgrades for a year. This software product is offered in one-, two-, and three-year subscriptions, and licenses can be purchased directly from Trend Micro’s website (www.trendmicro.com).
For antispam protection, we have previously recommended Google’s Postini service. Google has since discontinued offering this service. We now use McAfee’s SaaS Email Protection & Continuity service and love it so far.
McAfee’s antispam solution is a lower-cost alternative service for e-mail antispam and antivirus without any of the headaches that come along with other products, including the products you actually need to install and run on your e-mail server. Note that your e-mail flow will be rerouted so that it goes through McAfee’s servers before being delivered to your mail server or e-mail client. You can purchase the McAfee service directly from the vendor or through a reseller. McAfee’s SaaS Email Protection & Continuity solution provides a web-based interface to manage the quarantine, where spam messages are held. Users receive a quarantine message in which they are provided with a summary of the e-mail messages quarantined throughout the day. From this message, a user can choose to release a quarantined message with just a simple click of the mouse. That’s all you need to do to release a captured “false-positive.” As the administrator of the account, you can choose when and how frequently you’d like your quarantined summary delivered, whether at the close of business or sometime overnight and whether just once a day or a couple of times throughout the day.
McAfee also has a “mail bag” feature included with this recommended solution. This feature spools your e-mail in the event you lose your Internet connection or your e-mail server goes down. Once your connection or server comes back up, McAfee will feed you the e-mail that it held during the outage, which means you won’t lose any e-mail even if your server goes down for a period of time. Even while your server is down, you can access your e-mail from the McAfee portal. In other words, you will not be without e-mail even when your server goes down. Some may think that is a curse rather than a benefit, so we’ll let you choose.
McAfee has a very good reputation for quality service, and clients seem to be very happy with it. Since we started using this product this past year, most of our clients have switched as well (now that Postini is defunct), and the feedback continues to be excellent. You may need to “tweak” the default rules a bit upon initial installation since McAfee is pretty aggressive in blocking messages. As an example, by default any message with the word webinar in it is blocked. That doesn’t work for us since we attend (and give) a lot of webinars. Modifying the spam rules is easy, but your administrator should take on this task if needed.
McAfee provides 24/7 technical support; automatic maintenance and upgrades; and a monthly, annual, or multi-year subscription. This product can be purchased directly from McAfee’s website and costs start at $27.90 per license for a one year subscription.
For more advice about the best legal technology of the new year, pick up a copy of The 2014 Solo and Small Firm Legal Technology Guide, published by the ABA Law Practice Division.