People say I'm paranoid about updating virus signatures. I'm in charge of the AntiVirus regimen here at our service company, and I make sure our servers download and distribute new virus signatures daily if they're available. It really doesn't require a lot from our pipe (at 256K burstable Frame Relay, the download takes less than five minutes), and I set it to go off at 10 PM so no one is on and it doesn't interfere with our backup.

Why am I so nuts about updating virus signatures? The current estimate is that there are 12 new viruses released into the wild per day. In a month, that's 360 new viruses. Our AV product (Norton Corporate Ed. 7.0) gets updated signatures about 7 or 8 times per month.

Here is an example of why it is critical for the virus definitions to be as current as possible. On February 28, 2000, our company received three documents from a rather large and reputable corporation, which I won't name, but its initials are General Electric. Two of the three documents were infected with a Word macro virus called W97M.JIM.A. Our Norton AntiVirus found the viruses and removed them before the documents were opened, preventing infection to the workstation and to the network, where we saved the documents. When we looked up JIM.A on the Symantec Website, we found that it was first discovered on February 15, 2000. We contacted GE and found that they were also using Norton AntiVirus, but that their system had not been updated since February 7. Our system, updated February 24, found and removed the viruses that their system did not even know that they had!

Bottom line: Just having virus protection is not enough. Make sure you update your signatures according to your software's directions at least weekly.

------------------
R. Bret Walker, CNE