Cloud antivirus is a programmatic solution that offloads antivirus workloads to a cloud-based server, rather than bogging down a user’s computer with a complete antivirus suite. While traditional security programs rely on the processing power of a user’s local computer, cloud computing solutions install only a small “client” program on a desktop, which in turn connects to the security provider’s Web service. There, data from antivirus scans is analyzed, and instructions for appropriate countermeasures are sent back to the user’s computer.
The cloud antivirus market is growing as both well-known and startup security companies take advantage of distributed computing technology to provide improved protection.
By relying on cloud technology to process and interpret scan data, a user’s computer only needs to scan its file system periodically and then upload the results. This dramatically reduces the amount of processing power needed to keep a system safe. What’s more, real-time data can be pushed to the desktop client, updating local blacklists (malicious files and sites) and whitelists (approved files and sites), rather than waiting for a user to perform a manual update or relying on once-a-week or once-a-month automatic updates. Cloud antivirus is often less expensive than purchasing a full software suite. All common antivirus features such as virus scanning, scan scheduling, reporting and file removal are a part of cloud-based antivirus offerings. The processing location is the only significant change.
Possible drawbacks of this antivirus solution include a reliance on connectivity — if a provider’s Web service goes down, end-point computers are effectively left without protection, since the local client can only scan, not interpret. In addition, optimization is critical; vendors need to decide which blacklisted and whitelisted definitions are critical enough to include in the local client without bogging it down, and which can remain on a cloud server. Finally, there is some concern about user data being uploaded to cloud servers, which may pose a potential risk of secondary infection.