Fact, fiction and managed anti-malware services
David HarleyNational Health Service Information Authority
Corporate stream: Friday 26 Sept 2003, 14.00-14.40.
Fact, fiction and managed anti-malware services
Not all of the assumptions on which the malware management ethos is founded have
changed since the 1980s. The anti-virus research community is aware of changes in malware
technology, and in malware management technology and methodology, as well as changing patterns
of deployment and end-user attitudes to the problem.
However, security software is not always sold or administered by experts. The end-user
community (system administrators included) varies widely in expertise and perceptual accuracy, of
course. However, many organisations delegate their malware management deployment and maintenance
to providers of managed services. However, experience suggests that a wide gap can exist between
the expectations of the customer, and the range and quality of actual services provided. This gap
tends to widen as the scale of the project and the complexity of the protected environment
increases.
Do researchers, customers, and product resellers offering one-fits-all management
services share the same perception of what a 'complete' management solution is? Is the provider
necessarily the best judge of best practice?
In this paper, we examine the full range of malware management functionality, and highlight some
of the areas where dissonance arises between the customer's expectations and those of the vendor.
