FBI study shows 97 percent of organizations have anti-virus software installed, yet 65 percent have been affected by a virus attack at least once during the previous 12 months.

London, UK, 5 October, 2006 – GFI, a leading provider of network security, content security and messaging software, today issued a stark warning to businesses across the United States about the dangers of deploying a single anti-virus engine.

GFI’s new white paper, “Why one virus engine is not enough,” reveals that organizations relying on the protection of a single anti-virus engine are actually leaving themselves exposed to a severe and constant threat from all forms of malware. The white paper outlines the fact that even though every anti-virus vendor in the market claims to have a fast response time, there is no single company that will consistently be the first and fastest to respond to a virus outbreak. Depending on a single anti-virus engine does not guarantee the quickest reaction to outbreaks every time, leaving productivity and business operations vulnerable to attack.

In addition, different anti-virus engines have different strengths and weaknesses. Some engines excel at identifying a certain type of malware while others excel at other types. As with reaction times, there is no one anti-virus engine that can guarantee protection from every type of malware – from trojans to spyware. The use of multiple anti-virus engines irons out these weaknesses, ensuring the highest level of protection from every type of threat.

While no organization would rely on a single security guard or alarm system to protect its most valuable physical assets from different threats such as theft, vandalism, fire and natural disaster, many still expect their data to be protected by a single anti-virus engine. This is a dangerous approach to take. The only practical way to guarantee the protection of your organization’s data – its most valuable asset of all – is by using multiple anti-virus engines. Using multiple anti-virus engines allows you to pool all the strengths of each different vendor, without being exposed by their weaknesses, ensuring you always get the quickest signature update.

“Having multiple virus engines ensures that there are different reaction times from different teams to address the problem,” said David Vella, Product Manager, GFI MailSecurity. “Our customers will always be protected by the anti-virus vendor team which delivers the signature files first in case of such virus outbreaks. Speedy reaction is key in identifying a virus, producing the virus signature and releasing it to the customer."

Andreas Marx, anti-virus expert with AV-test.org, agrees that a multiple anti-virus engine approach is the most comprehensive way for organizations to detect and combat virus attacks. "Studies prove that the best way to prevent virus introduction is with several layers of protection, which include multiple anti-virus scanners. Different anti-virus companies are using different ways to detect unknown malware proactively, for example, using heuristics or Sandboxing. When one company can detect 30 percent and another one can detect 20 percent of all newly released malware files, the combined proactive detection score might be boosted to 50 percent," Marx said.

The “Why one virus engine is not enough” white paper is available at http://www.gfi.com/whitepapers/why-one-virus-engine-is-not-enough.pdf.