Antivirus in the cloud: Is remote security remotely secure?

Does it make sense to offload critical security tasks to a remote machine? We expore cloud security products and their benefits

Nate Lanxon Special to CNET News
7 min read

Cloud computing: letting servers do the hard work so your netbook doesn't have to.

But does it make sense to offload critical security tasks to a remote machine? Is it wise to rely on something as potentially fickle as a network connection for your security, the protection of your files and your privacy?

In this feature, we explore the current state of cloud security products, their benefits and whether they have a place in the future of home computing for average users.

Our conclusion sits at the end of this feature, as you might expect, but there are two key advantages to using cloud-based antivirus:

No more definition files

The best way to allow digital swine flu to contaminate your machine is to not have an up-to-date definition file. Definition files are the databases stored by an anti-virus program on your computer that essentially tell your scanner what it's looking for. Problem is, if it ain't up to date, you ain't safe. With a good cloud-based AV product, however, these files are no longer needed, as all information is up-to-date online.

Outsourcing processing power

Almost every antivirus product we looked at used Web-based servers to process information. This is good news for netbooks in particular, which are often underpowered, with limited memory for running background processes. Netbooks were always supposed to be geared towards running Web apps, and the lightweight clients and Web apps we tested fit this ideal perfectly.

Which brings us to our guide. It's split into four key areas:

  • Complete real-time cloud-based protection
  • On-demand scanning and cleaning
  • Scanning an entire computer from a Web site
  • Scanning single files from a Web site

We begin with entrusting the cloud to protect your entire computer in real time...

Panda Security has been producing antimalware and security products for desktop PCs since 1990, and late last year its desktop suite scored well during virus-detection tests. This is its first cloud-based antivirus product, currently in beta.

It does several interesting things, but first and foremost it uses a centralised virus definitions database, stored on Panda's servers. This means you're always having your computer monitored, scanned and protected by the latest, up-to-the-minute database of known threats.

The other advantage is that as new threats are caught on a user's computer, they're scanned, analysed and disinfected in the cloud, supposedly within minutes. Protection against these new threats is immediately made available to all other connected users without any need for them to update their software.

That is, as long as you're connected to the Internet. The app does store an offline database on your machine as well, but this database will become outdated for as long as you remain offline -- the traditional vexation of antivirus apps. Of course you can't contract new viruses while offline, but one may become active if you execute a file for the first time.

 Panda Cloud Antivirus will still protect you without an Internet connection

The software is lightweight, and takes up very little memory on your computer -- just 5MB of RAM on our infected netbook, in fact. The interface is clean and simple, and although scanning an entire hard disk seemed a little slower than with conventional applications, it successfully detected viruses we knew were on our machine, even when we axed our Internet connection.

Panda Cloud Antivirus is in beta, and until released as a stable release we can't advise you ditch your current security for it. This is the most exciting cloud-based antivirus product we've seen to date, however, and an intriguing take on exploiting the wisdom of the crowds' infected machines to protect other users in real time.

In an impressively extensive security test, the software was scored favourably by PC Mag's security expert in lab tests. You can try it for free here.

Next: On-demand scanning...

Hitman Pro 3.5 is a lightweight anti-malware program that can be run directly from a hard disk, a USB thumb drive, a CD or any other way you can think of. It doesn't need installing, so within a couple of clicks after firing up the .exe file you're being scanned. And this is where things get interesting.

Interesting, because for each file flagged by the software as having the potential to unleash binary smallpox, a signature is created and uploaded securely to Hitman's severs, where it's analysed by several companies' antivirus engines to see whether it's a known danger or not.

For completely unknown threats, the file itself is encrypted, compressed and uploaded for analysis. We spoke to Hitman to ensure no-one was peeking at these uploaded files, and we were informed the entire process is automated, with no human eyes viewing these uploaded files. After all this, you review what diseases your files have, and Hitman offers to clean them.

Uploading questionable files

Although your files are being scanned by multiple engines to ensure all disease-ridden executables are snatched out of harm's way, however, it offers no real-time background monitoring for new viruses. It's also completely useless if you're not connected to the Internet -- it simply refuses to run.

So without real-time protection, and without offline functionality for emergencies, it's going to be best used hand-in-hand with another product. But it's a valuable tool to have on a thumb drive for emergencies or for daily scanning of an underpowered netbook.

Next: Scan your entire computer from a Web site... 

Web-based virus scanners are dead easy to use -- that's right, as easy as dying (whoever invented that metaphor needs medical attention) -- since they just run in your Web browser. They won't monitor your computer for any infections you snag on your dirty Interweb travels, but if you need to give your machine a once-over, there are a number of free and easy options.

The online apps run as either ActiveX plug-ins (inside Internet Explorer) or as Java apps (inside any modern browser), and they're fast. No, wait, the other thing: tedious and slow. When launched, they'll download the scanning engine and the latest definition files. Always bear in mind that you're only scanning for current infections, and not protecting yourself against future ones.

Also, you may find some scanners only tell you you're infected, and suggest you buy that company's antivirus software if you want to be cured. Kind of like, "Haha, you've got malaria! I'll just sit here and watch. Oh, would you like to buy some quinine?" What a fiend!

Incidentally, all the Web-based scanners we recommend below are from companies that also offer full-size desktop antivirus and security software packages.

Kaspersky Lab
Kaspersky's Online Scanner is a good first choice. Like most of these Web-based scanning services, it's free and just runs as a Java application inside your browser. Click to scan, choose whether you want your entire machine scanning or just certain critical areas (such as the Windows system folders), and off it goes. It can take several hours to scan an entire machine, but will offer to clean and heal any virus and infections it finds.

BitDefender's Online Scanner is similar to Kaspersky's, but obviously uses its own virus database. It's also an ActiveX application, meaning it'll only run in Internet Explorer. It's a lightweight and simple option for scanning an entire machine, requiring only two clicks to get a full scan underway. You're offered a list of healing options, such as disinfection and deletion, and can scan files as well as hard disk boot sectors. You will have to put up with a large display advertisement promoting BitDefender's paid-for desktop packages, but it's a small price to pay for free scanning and cleaning.

Trend Micro
Trend Micro's HouseCall is another Java app, similar to Kaspersky's. The company is currently testing version 7.0, which runs as a stand-alone application similar to HitMan Pro. It's much faster than the online scanner, and detected the viruses on our machine. It looks a whole lot better than the Web-based version 6.5 that went before it too.

Don't forget you can use all three of these options (in succession, not concurrently) to make sure you're thoroughly scanned and cleansed.

Next: Scan individual files from a Web site...  

Need to check a single file for a virus? There's a Web app for that -- several, in fact. With these scanners you can check individual files quickly for infections, rather than having to load up a desktop program, update its definitions and launch a scan. We've got two suggestions.

Kaspersky Lab
Kaspersky's File Scanner works like adding an attachment to an email: choose the file on your computer and click submit. Your file is scanned, and if a virus is found... well, you're going to need to get it cleaned, because these tools only tell you if a file is infected. Best fire up one of the free virus cleaners mentioned on the previous page. Note also that Kaspersky's file scanner only allows files up to 1MB to be uploaded.

Virus Chief
Interesting one, this. The principle of Virus Chief is the same as Kaspersky's File Scanner, only instead of your single uploaded file being scanned by one company's antivirus engine, it goes through ten -- Antivir, Avast, AVG and BitDefender's, to name just four at the beginning of the alphabet. This way you're getting ten opinions on whether you need to bother getting that file cleaned.

Next: The thrilling conclusion...

We've been excited by the prospect of offloading security into the cloud. But at the moment, advising casual netbook users to consider migrating to cloud-based security is weak advice at best. It's just too early.

But there's a future there for sure, assuming platforms such as Google's forthcoming Chrome OS don't succeed in becoming some kind of netbook standard. Panda's Cloud Antivirus convinced us a solid cloud-based security model can work for lightweight PCs. But it's always, without question, going to remain a prerequisite for peace of mind that a robust, redundant offline backup system remains ready to step in for when a network fails, or can't pipe sufficient bandwidth to you, or an infection tinkers with your Intertubes.

What do you think? Your thoughts and opinions are hereby encouraged in the comments below.

Further reading

We've created literally a number of cloud-computing guides, from an introduction to backing up your PC to the advantages of Web-based office apps -- it's all clouds, all the time. Check them all out here.