A Better Alternative to Anti-virus Software for Projection Machines
I don't use antivirus software. Nor do I use spam filters. Why? Because the ones I've used, and I've used a lot of them, have all irritated me so much that I've given up on using them. These tools, which are designed to protect us from the myriad of threats around us in cyberspace, slow my machines down to a crawl and seem to interfere with every aspect of the systems. They have caused communication problems for network access and RDP. Some have even caused BSOD incidents in certain scenarios. They label some things as spam that shouldn't be, and miss stuff that shouldn't be missed. Because of these and other reasons, I came to the conclusion that the antivirus/antispam cure was worse than the disease.
I say all of this to demonstrate that I follow my own advise. If you were to ask me if you should install antivirus software on your presentation machines, my answer is NO! Anti-virus software is a performance killer. When it comes to presentation machines, performance is paramount. Having antivirus software meddling with every file download or import interferes with the overall process. System-wide scans suck life out of the CPU which creates problems when trying to build presentations or when presenting during a service.
Many of you are gasping, "How do we protect our systems from viruses and malware without such tools?" Here are the system protection measures I recommend as a better alternative for projeciton machines:
1) Make regular image backups of your systems. This means complete copies of your hard drive on a regular basis. I recommend weekly backups for churches. If your system gets infected, simply restore the system drive to the most recent backup. If that backup is infected too, keep going back until you reach the point prior to infection. A good imaging tool (such as Acronis) makes it easy to schedule regular backups and to restore from a history of backups when necessary. Also, keep a copy of the original image just incase you need to quickly start over (GoFishMedia machines come with restore disk for this purpose.)
2) Use a separate drive for your data files (such as drive D:). In the event you need to restore your system disk (typically drive C:) to a previous image to fix a virus or malware problem, having separate drives will let you restore the system drive without touching your data files. If you do put your data files on the same drive as your system, then at least use a separate backup process on a regular basis to back those files up as well. This will make it easier to restore your data files after re-imaging the system drive.
3) Do not use Administrator accounts. Make it a practice to log in to a limited user account. If your system happens to acquire a virus or malware while in a limited user account, the infection will be limited to that account only, but the system itself should remain uninfected. Eliminating an infection at this point simply involves deleting the user account on that machine, then re-adding it.* The infection associated with the user account has been removed, but the system itself is still clean. Using your machine with an administrator account, however, nearly guarantees that a virus or malware infection will become system-wide.
Another good thing about implementing items 1 and 2 is that you'll be better protected against other potential system problems that may come along. These include problems associated with Windows Updates, driver updates, new software, and even a SongShow Plus updates (a very remote possibility, of course :-).
For our machines here at R-Technics, we make regular images of our system drives. Our data files are stored on servers so if a system drive needs to be restored, data files are not affected. The servers are also backed up daily onto external drives that include a rotation of disks stored off-site. When system infections occur, its simply a matter of restoring an image. In some cases, we decide that re-installing Windows and applications from scratch is the preferred approach. But in either case, blowing away a system drive is something we're comfortable with for any of our machines because of the backups we have in place.
For development machines, we've found it impractical to run in any user mode except Administrator. We've tried using non-Administrator accounts that have been granted a lot of privileges, only to eventually find some function we need to perform as a developer but is not permitted within that user account. As I mentioned above, running in an administrator mode incurs significantly more risk, since your entire system is vulnerable to viruses and malware. Even so, I still don't use anti-virus software on these machines because of how they interfere with various tools and system components.
The main risks for a machine getting infected by a virus or malware are browsing and installing tools and utilities, particularly from unfamiliar sources. I do both of these things on development machines on a regular basis, with some trepidation. There's an idea that I'm considering to deal with this problem. It is to deploy a virtual machine within a development machine. This virtual machine would then be used for web browsing and downloading. It would be equipped with anti-virus software for scanning file downloads prior to copying them to the development machine. If the system gets infected, the virtual machine files will be deleted and replaced with pristine copies of the originals. This approach has some downsides as well, but could be a workable approach. However, someone pointed out to me that using a virtual machine actually increases the surface area for a possible hacking attack, so I suppose this needs idea needs some more thought put to it.
For spam control, I have developed mailboxes and whitelist configurations so that potential spam mail is mostly isolated and can be quickly scanned visually. It's not perfect, but it works pretty well for me.
To wrap this all up: From my perspective, anti-virus/anti-spam tools are a cure that is worse than the disease. Don't use them on your SongShow Plus machines. Instead, implement the system protection measures I outlined above. Having said that, I also acknowledge that doing so will increase the chance that your system will get infected at some point. Just this week I had to deal with a malware infection on a notebook computer that, as you might expect now, had no anti-virus/anti-malware protection. I've been willing to take the risk, but if using an anti-virus tool gives you peace of mind, then you should go with it. If you do, try to find a tool that doesn't interfere with the performance of your machine. Also, remember that anti-virus tools aren't perfect -- they don't guarantee that your system won't be infected. So even if you are using such a tool, I still recommend that you implement the system protection measures I discussed.
Important note: Despite everything I've said here, we do run the SongShow Plus executables and installers through a series of virus checkers before uploading them to the server for public download! Others here at the office are, also, not so anti-virus adverse and do have these tools on their systems.
*Caveat: One down-side to deleting an infected account on a SongShow Plus machine is that you will loose most of your User Preference settings. These settings are local to user accounts, not system-wide. So when a user account is deleted, so are the settings. We need to implement a backup module for User Preferences so that these settings can be easily restored -- I'll move that item up the to-do list.