Skip to content
twinstate technologies blog cybersecurity header wave
Evan ClarkJun 25, 2020 3:24:48 PM4 min read

Antivirus Software & Endpoint Protection: How to Secure Your Network

It’s less likely that you will be infected with a simple computer virus in 2020. Today’s malware focuses on generating money for the hacker, and there isn’t much money to be made in spreading traditional computer viruses. The odds are that you will be hit with ransomware, trojans that steal your data, or a bot that lets a “bot-herder” rent out bits of your computing power to be used for insidious acts. 

Block Ransomware with Endpoint Best Practices -- Download Your Guide

Computer Viruses

Computer viruses are damaging software that modifies computer programs by inserting their code into them. When "successful," computer viruses self replicate and do billions of dollars of damage every year.

The cybercriminals that write computer viruses rely on social engineering tactics and unpatched security vulnerabilities to spread their virus. 

The typical life-cycle of a computer virus takes place in four stages; the dormant phase, the propagation phase, the triggering phase, and the execution phase.

During the dormant phase, the virus has accessed its victim's computer or software, but it does not do anything yet. The virus will wait until a "trigger" gives it the command to execute. This trigger could be anything from a predefined date to the user taking a specific action, like double-clicking an icon.

In the propagation phase, the virus is fruitful and multiplies. The virus will start to insert copies of itself into other programs or areas on the disk. These copies are often altered in some way to make detection more difficult.

The triggering phase is designated when the virus changes from being dormant to being activated.

Finally, during the execution phase, the virus gets to work. The virus's payload is released, and the end user will begin to notice problems with their computer such as deleted files, the systemcrashing, or endless popups on the screen.

Stopping the Virus: Anti-Virus Software

What is antivirus software?

Antivirus software is computer software that is used to prevent, detect, and remove malware. Initially developed to combat computer viruses, antivirus software has evolved to protect against various computer threats including trojan horses, ransomware, and keyloggers to name a few.

Anti-virus apps stand guard over your device, scanning incoming files, quarantining and cleaning up harmful viruses. You have many options to choose from when selecting an anti-virus software.

It's crucial that you only have one anti-virus software installed on your device regardless of the software you decide to use.

Unfortunately, anti-virus programs aren't free of drawbacks. Some anti-virus solutions can reduce your computer's performance.

We recommend Sophos Anti-Virus. This program comes in both a home and business version with a number of tools, advice, and support.

Antivirus Scan: How does antivirus software work?

Generally speaking, there are two types of anti-virus software; specific and generic.

Specific scanning detects viruses by scanning files to look for a signature that matches up with a virus dictionary. When the software looks at a file, it references a database of known viruses and matches snippets of code with viruses defined in the dictionary database. 

When a virus is detected, the software will either attempt to fix the file by removing the virus, quarantine the file to prevent it from multiplying, or delete the file entirely.

Generic scanning doesn't look for a signature of known viruses, instead, it monitors the behavior of all your applications; this a good approach for identifying new viruses whose signature is not in the dictionary of known virus signatures.

The software will quarantine the application and alert the user to the threat when something suspicious is found. If the threat is found to be a virus, researchers will examine it, determine its signature, and add it to the dictionary of virus signatures. 

Antivirus vs Endpoint Security

The landscape for mobile threats is rapidly expanding as an increasing number of workers connect some combination of personal cellphone, laptop, and/or tablet to their corporate network. Antivirus solutions that only protect a single device won’t be up to the task of securing an enterprise network. This is where endpoint security comes into play.

What is Endpoint Security?

Endpoint security software is software that has been explicitly designed for enterprise clients to protect all their endpoints including servers, computers, cell phones, and IoT devices. Endpoint security stops malicious activity by identifying cyberthreats and securing vulnerable endpoints on an enterprise network.

A big difference between endpoint security and antivirus software is the scope of protection offered. With antivirus software, the only point of protection is the individual user's device that has antivirus installed.

Endpoint security delivers more comprehensive protection that extends to the network as a whole. This includes the devices connected to the network (endpoints) which can all be used as entry points for security threats.

Endpoint security stops these threats and protects your network, using a combination of a firewall, antivirus, anti-malware, and Host Intrusion Prevention systems.

Unfortunately, there is no fail-safe approach to cybersecurity just yet but Twinstate can certainly walk you through best practices that will put you in strong position for the future. If you have any questions, comments, or feedback reach out to us at

Call to Action: Endpoint Protection Best Practices to Block Ransomware - Download Now.

Block Ransomware with Endpoint Best Practices -- Download Your Guide