The other day I put together a, and under my "must have" utilities I listed an antivirus tool. While many understood the logic of this and agreed with my decision, there were some who saw this as a silly indulgence.
It's not. In fact, choosing not to run antivirus on a Mac is a boneheaded move that people choose to make based on nothing more than fanboy idealism, and has no place in the real world. Doubly so if your Mac undertakes BYOD duties.
I consider security to be an important part of computer ownership. Security for me means keeping my hardware safe, keeping my data secure, keeping my network safe, and keeping the people around me safe. I'm a big believer that vigilance is a vital tool in the fight against malware, and that applying security patches in a timely fashion goes a long way toward keeping a platform safe.
But I'm also fully aware of the fact that there is no such thing as secure code. Operating systems are huge, and it doesn't matter whether that code is written in Redmond or Cupertino or somewhere else, it will be riddled with bugs. Windows XP was out for more than a decade, and saw three service packs and countless patches, but the bugs just kept coming. Patched bugs represent just the tip of iceberg when it comes to the actual vulnerabilities present in the code we are exposed to and use on a daily basis.
If you believe that your operating system is secure, you're deluding yourself. And if you try to tell others that your operating system of choice is better than someone else's, you're trying to delude others and don't be surprised if people think you're foolish.
When it comes to malware, I don't want it landing on my systems, I don't want it inhabiting my systems, and I don't want to pass malware on to others. That's the plan, and I work at achieving that by taking a three-pronged approach:
- Vigilance and care in what I download and install, where I visit on the web, and who I allow to access my system.
- Apply patches in a timely manner. Not installing a patch – unless you have a very good reason – is pure insanity.
- Keep an antivirus running to scan files and live on or pass through my system.
The final stage is important not only because it protects my system from malware – and believe me when I say that Mac malware does exist, just not in the same numbers as malware for Windows – but it also scans for Windows malware, which prevents me from passing on nasties to other people. A little RAM and some CPU cycles is a small price to pay to get an independent eye cast over the bits that flow into my Macs. OK, I only seem to catch Windows malware, but even quarantining that helps to keep my network safe, and prevents me inadvertently sending bad code to others.
I understand that antivirus can be expensive, but I can't understand the mentality behind spending hundreds – if not thousands – of dollars on hardware, and then paint a big bull's-eye on it for hackers and other online ne'er-do-wells. And even if your Mac purchase has left you strapped for cash, there are many free alternatives available to choose from.
So don't be a bonehead, and run antivirus on your Mac