Why is layered malware protection important?

Why is layered malware protection important?


You are the ruler of your own digital kingdom. To protect your throne of ones and zeroes, you build a perimeter wall around yourself. It’s a sturdy wall and you feel safe for the time being, but you know deep down that ultimately there’s no such thing as a completely impenetrable barrier. If something were to somehow breach that wall, you’d be a sitting duck! So, you build another wall around your existing wall. And another wall around that one. And then one more wall for good measure. Finally, you’re protected by so many layers that the chance of anything making it all the way to the throne is practically zero.

Modern IT security best practices are built on the same principle. No single-focus solution is completely foolproof, but using a range of layered security elements gives you multiple opportunities to deal with threats should anything happen to get past your initial layers of protection.

Here’s how Emsisoft’s layered security elements work in conjunction with each other to keep you safe:

Layer 1: Block attacks on your network with a firewall

Typically, the outermost layer of your security setup will be a firewall. A firewall is positioned between your computer and the Internet and prevents unauthorized access to your local network.

Through the use of technologies such as Intrusion Prevention System and traffic inspection services, firewalls are able to analyze traffic and identify and stop traffic that it recognizes as malicious. You can also configure firewalls to create custom rules that can be used to block or allow certain programs from accessing the Internet, limit traffic to specific ports and IP addresses, monitor traffic and a whole lot more.

As an aside, it’s worth noting that the Windows Firewall has come a long way over the years and now offers protection that is at least on par with most paid options on the market. Windows Firewall can be used seamlessly with Emsisoft Anti-Malware to maximize your system’s security.

While a firewall might be your first line of defense against online threats, it isn’t a bulletproof system. It’s essentially impossible to make a firewall that allows for good network functionality while still being completely secure. As long as you wish to connect to the Internet, a firewall cannot provide 100 percent reliable protection on its own. This means that you need another layer of protection…

Layer 2: Prevent access to dangerous websites with Web Protection (formerly Surf Protection)

Note: This post has been updated to reflect the new name of Surf Protection. Goodbye ‘Surf Protection,’ welcome ‘Web Protection!’

A firewall is designed to block the bad guys from getting into your digital kingdom, but what happens if you unwittingly let down your defenses and invite the criminals inside?

Phishing has become one of the most common attack vectors in recent years, with research from PhishMe noting that the number of phishing attacks rose 65 percent between 2016 and 2017. By exploiting human curiosity and our tendency to make the occasional mistake, hackers are able to trick users into clicking suspicious links, installing malware and giving away their personal information.

That’s where Web Protection comes in.

As you browse the web, Web Protection keeps an eye on things and warns you the moment you try to connect to a malicious or suspicious host. Emsisoft Anti-Malware uses an enormous database of known malicious hosts that is updated every 15 minutes to keep you protected against malware, phishing, potentially unwanted programs (PUPs) and privacy risks. In this way, Emsisoft Anti-Malware can stop malware at the initial point of contact, long before it can touch and make changes to your system.

The combination of a firewall and Web Protection can do wonders for preventing malware from breaching your walls, but on the off chance that something manages to slip through the cracks, you need to have a reliable way of removing the intruder…

Layer 3: Block known malware with File Guard

If a threat has managed to sneak past your first couple layers of defense, the Emsisoft File Guard will step in to stop malware from infecting your system.

File Guard is active at all times and runs quietly in the background. Using a dual-engine scanner, File Guard compares your files (when they’re run, modified or read, depending on your settings) against millions of known malware signatures without putting significant strain on your computer’s resources. By default, File Guard alerts you when it detects malware and automatically quarantines (with notification) any PUPs it finds.

While a malware scanner is very effective at combating known threats, its shortcoming is that it relies solely on comparing existing malware signatures. If you happen to download malware that isn’t in the database, a scanner is not able to recognize the presence of a threat. That’s where the next layer of protection comes in…

Layer 4: Stop brand new threats with Behavior Blocker

More than 250,000 new malicious programs are found daily, according to figures from independent antivirus testing group AV-TEST. That means that every single day, there are (at least) a quarter of a million pieces of new malware that can’t be detected by conventional scanners.

Thankfully, the Emsisoft Behavior Blocker doesn’t rely on known signatures to identify and stop digital threats. Nestled between your operating system and the applications on your computer, this critical layer of protection checks for malicious patterns of behavior and alerts you when something suspicious happens – even if it’s the very first time the malware has been seen in the wild.

Layer 4.1: Prevent encrypted documents with Anti-Ransomware

While it’s technically a subset of the Emsisoft Behavior Blocker, ransomware has become so prevalent in recent years that our Anti-Ransomware component deserves special mention. This layer of protection is specifically designed to identify the behavioral patterns of ransomware and stop the offending program before it can even encrypt the first file. In contrast, most antivirus software can’t take action until after encryption has begun.

With the previous components combined, your layered security system will be capable of catching just about everything that comes your way. Ultimately, however, there are no absolutes when it comes to IT security, so it’s always wise to plan for the worst case scenario…

Layer 5: Restore undamaged data with backups

Backups are the ultimate safety measure. In the unlikely scenario that malware is able to make it through all your previous layers of protection, you can easily undo the damage by using your backups to simply restore your PC to a previously safe state.

Remember to create regular backups and follow the 3-2-1 rule:

While there is some time (and probably a little money) involved with creating backups, the peace of mind is most definitely worth the investment.

The advantages of layered security

Using multi-layer protection is the most reliable way of keeping your PC safe from modern digital threats. While no single component can offer 100 percent protection, using a combination of layered security elements maximizes your chances of catching malware at some point before it can successfully infect your system. In the event that something does manage to get all the way to the throne, backups can be used to restore your digital kingdom to its former peaceful state.

The advantages of layered security are clear. If you’re looking for antivirus software that takes a layered approach to security, feel free to download a free trial of Emsisoft Anti-Malware.

Emsisoft Endpoint Protection: Award-Winning Security Made Simple

Experience effortless next-gen technology. Start Free Trial

Have a wonderful (malware-free) day!



Writer. A picture is worth a thousand words but unfortunately I can't draw. The world of IT security has always fascinated me and I love playing a small role in helping the good guys combat malware.

What to read next