How to know if you need security software
Modern operating systems have built-in security software. Windows has Microsoft Defender1 for free. MacOS has its own built-in security2.
For many people these free security tools are more than enough protection.
That doesn’t mean you can ignore security risks. Far from it. Online security is more a state of mind than a product.
Online is a dangerous world
You will continue to rub up against risks. The online world is as dangerous as ever.
Yet, for many people paying for additional protection delivers little value. You are better off spending the money elsewhere. If, say, you run a business, it may be smarter to spend the money on training your staff about security risks.
Your computer security won’t be foolproof even if you buy the most comprehensive security products or services on the market. A clever social engineering attack can shimmy past the most sophisticated defences.
Passwords
The most common example is when a crook persuades a victim to hand over a password or otherwise let them behind the defences. No software will stop that.
Teaching people not to hand over information that helps a criminal to know or guess a password is better protection.
Backups
Backups are a powerful weapon in your armoury. If you make regular encrypted backups of everything you’ll recover fast if attacked.
This is an essential defence against ransomware attacks. If you have backups, your data can’t be held to ransom.
Given a choice between spending on security software or a backup service, I’d pick the latter every time.
You should make more than one type of back-up. Say, a cloud service and a local hard drive or server. Ideally that would be a removable hard drive that you can store somewhere away from your computer.
Soon you'll be able relax. But first, take some time to check your data actually is backing up as expected. You don’t want to leave it until it’s too late before you learn otherwise.
With one or more good back-ups in place you can recover from common attacks. You can buy commercial security products and services that include back-up as part of their deal.
Were you should spend on security
When do you need to spend on extra protection?
- If you deal with customer data or anyone’s personal data then you have a legal responsibility to protect that information from attack. Installing suitable security software goes part way towards meeting your legal obligations. Not having security could increase your liability. Security software can reduce the likelihood of attack, criminals find enough low hanging fruit to leave protected data alone.
- You need an extra layer of protection if you have valuable data including material you want to stay secret. This includes complex business plans or product designs.
- If you are otherwise a potential target for online criminals. This can include having valuable IP that crooks or government sponsored attackers might want. There’s a similar risk if you work for a political party or a campaign where there’s a sizeable community that would be happy to embarrass or otherwise expose your information.
- If you indulge in risky behaviour online. This can mean activity like illegally downloading material or visiting dodgy streaming or gambling sites. In cases sites at the darker end of the web are fronts to find victims.
- If you run a small business where employees are on a local network or you have a home system with teenagers. Sure, you trust people, but you can’t be certain they won’t make mistakes, either by indulging in risky behaviour or being susceptible to scams. They might not care as much as you about staying safe. Spending money on security is easier and less stressful than attempting to monitor and police other people’s activity.