How to choose antivirus software: What you need to know


With the threat landscape changing so rapidly, it is wise to understand what your antivirus software has to offer.

Malware, viruses, phishing, ransomware: it can be a dangerous digital world out there. Global cyber threats are evolving, and everything is fair game — your personal information, your financial accounts, your privacy.

With the threat landscape changing so rapidly, it’s important to remember cybercriminals are changing their tactics, too. They are finding new ways to gain access to your devices and information.

When you think about device security software, you probably think of antivirus protection. It’s one of the most important lines of defence in digital safety, but security technology has evolved beyond antivirus. That’s because threats have grown more sophisticated and stealthier. Think: data breaches and identity theft.

Here are some things to consider before choosing antivirus or security software:

  • What’s being offered and how will it benefit you? For instance, if you have more than one device, look for security software that covers all your devices.
  • Does the antivirus solution come with excellent customer support and real-time protection from malware and viruses? Cybercrime can happen at any time. 
  • Does the antivirus protection software come with data backup and parental controls?
  • What are the differences between free antivirus and paid antivirus protection? Some free options may sell your information to third-party companies and open your devices to advertisements. A reliable security software like Norton Security helps keep your PCs, Macs, and other devices protected.

Key antivirus features

Since antivirus and security software have gone beyond protecting your computer and other devices from malware and viruses, here are a few extra features to look for when selecting the right security software for your needs.

1. Multi device protection

A good security suite offers protection for multiple devices like PCs, Macs, smartphones and tablets. It keeps up with the needs of the individual, knows the risks associated with each device, and offers comprehensive protection for many devices.

2. Malware andvirus threat protection

Most antivirus products offer protection from malware, ransomware, spyware, trojans, viruses, phishing attacks, and other online threats. It’s smart to understand what differentiates an average antivirus protection software from an outstanding one. Look for awards, reviews, and the technology behind the service. Some companies may even offer a money-back guarantee.

3. Parentalcontrols

To help keep your family protected from online threats, look for parental control features. Features to look for include content filters that prevent kids from visiting websites that are inappropriate for their age, time supervision, and social media.

4. Firewall

A reliable security software uses a smart firewall to help safeguard private information and financial data. It blocks malicious information from entering your network and can help prevent your private information from being accessed or even leaving your device without your consent.

5. Cloud backup

A useful feature to have in a security suite is cloud backup. The automatic-backup feature within Norton360 helps safeguard information like sensitive data, photos, and other files.

6. Virus Removal Tool

In the worst case scenario, an antivirus software should be able to help protect your device. Norton’s software ensures this protection — helping remove your virus and also finding the source of it.


How does antivirus software work?

Computer users often think of “antivirus” as a main line of defence against viruses and malware, and it can be. But antivirus is just the start. Consider Norton 360, for example. Its multiple layers of protection work together to help improve the speed of detection and prevention of malware — and antivirus is just one of those layers.

Protection Layer #1: Network | Firewall and Intrusion Prevention Solution

Norton’s Intrusion Prevention Solution (IPS) is a network-level protection technology that analyses incoming data, looking for signs of malicious traffic, and blocks threats before they hit your computer.

Protection Layer #2: Antivirus | File-based protection

Antivirus is a file-based protection system that looks for and eradicates malware in files on a system to protect against viruses, worms, Trojans, spyware, bots, adware and rootkits The name of the file, its signature of how it acts to threaten systems, is known and shared from Symantec’s research on millions of threats.

Protection Layer #3: Insight | Reputation-based protection

INSIGHT™ is a cloud-based solution that correlates tens of billions of links between users, files, and websites to detect rapidly mutating threats. By analysing key file attributes, INSIGHT™ can accurately identify whether a file is good or bad and assign a reputation score, effectively protecting against attacks while reducing scan time.

Protection Layer #4: SONAR | Behaviour-based protection

SONAR™ is a behaviour-based protection engine that leverages artificial intelligence to provide zero-day protection. This behaviour-based layer effectively stops new and unknown threats by monitoring nearly 1,400 file behaviours while they execute in real time to determine file risk.

Protection Layer #5: Repair | Norton Power Eraser

The goal of security software is to prevent threats from reaching the devices they protect. But sometimes it still happens, such as on a device that previously did not have security software installed, or in the case of a zero-day threat. The Norton Power Eraser tool is designed to detect and remove such infections, as well as the downloader that brought the threat onto the device in the first place. It functions as a simple virus removal tool.

Do Macs and Apple products need antivirus?

Apple computers can get viruses and malware just like PCs can. While they may not be as frequent targets as Windows computers, however, all have their fair share of threats. Cybercriminals can target software and hardware vulnerabilities that affect all devices, whether it’s a Mac, PC, Apple, or Android device.

Meltdown and Spectre were two major vulnerabilities that affected the processor chips of PCs and Macs. This vulnerability allowed malicious programs to steal data that was being processed on the computers’ chip, including sensitive information like passwords stored in a password manager or browser, emails, personal documents, photos, and instant messages. All of these devices were vulnerable until the right software patches were installed.

Macs have also been known to have benign yet annoying pop-up ads. But some can be malicious like the MacDownloader malware. MacDownloader was a form of spyware that attempted to steal personal data. Macro viruses are another form of malware that affect Windows and Mac computers and devices. They’re capable of creating new files, corrupting data, moving text, and formatting hard drives, among other things. KeRanger is one the first forms of ransomware that hold data at ransom.

A comprehensive security software that provides multiple layers of protection including a virus removal tool, can help keep Apple products like the iPhone and Macbook Pro safe from these kinds of vulnerabilities.

What are the risks of not using antivirus protection?

Not having antivirus protection is like leaving your valuables in a vault but not locking it. You wouldn’t store your personal information on a device and leave it unprotected, would you?

Cybercriminals are on the lookout for these kinds of “unlocked vaults.” Cybercrimes may be committed by individuals or large organised crime groups. The mode of operation may change from time to time, but the goal is the same — take advantage of vulnerable devices and people to steal identity, personal info, and bank- or credit card-related info.

There is a huge market in the underground economy on the dark web for stolen forms of personal information. Not having security software to protect your devices could leave room for cybercriminals to access your devices, information and resources to commit crimes.

Take the man-in-the-middle attacks, for example. Cybercriminals take advantage of poorly secured Wi-Fi connections to insert malicious software that’s been created to intercept the data transmitted to and from the victim’s device. Such Wi-Fi connections are often found in public places, like coffee shops, airports, or hotels. The aim is to gain access to personal information such as your login credentials, passwords, account numbers and other information stored on that device.

What can you do? Installing and running a robust security software with multiple layers can help protect your information. Most security software will scan and quarantine the malicious file. In the case of a zero-day vulnerability, where a vulnerability has been discovered and a patch has not yet been placed, the virus removal tool will destroy the file along with the downloader.

It’s up to you to decide the best security software for your needs. Not having antivirus protection could put your devices and your personal information at risk. Having a trusted antivirus software could help you navigate the internet freely and protect what’s yours.

Antivirus glossary

Adware and spyware

Embedded in free software, such as weather trackers and screensavers. This type of malware generates ads and tracks behavior.


Programs and files that are created to do harm. Malware includes computer viruses, worms, and Trojan horses.


Similar to phishing attacks, pharming attacks redirect users from a legitimate site to a malicious one.


Seemingly safe links take users to malicious sites that gather personal data and login credentials. The links can be found within websites, emails or ads.


When downloaded, ransomware blocks access to files and programs until users pay a set fee.

Real time

An immediate action in response to an event, incident, or alert.

May also be called a Trojan horse. A type of non-parasitic malicious code that has unexpected and malicious consequences. Trojans represent themselves as something other than what they truly are. The Trojan may even perform the functions it initially indicates when executed but will also carry out its malicious actions.


Harmful software that replicates itself and spreads to other devices.


The day a security researcher reports the discovery of a new vulnerability to either the technology manufacturer, a security news group, or both. This starts the “time to exploit clock,” which tracks the number of days between the discovery of the vulnerability and the exploitation of it.

*Restrictions apply. Must purchase, renew, or upgrade your Norton subscription, or enroll in Automatic Renewal Service online. See for details.

Norton logo
  • Norton
Norton empowers people and families around the world to feel safer in their digital lives

Editorial note: Our articles provide educational information for you. Our offerings may not cover or protect against every type of crime, fraud, or threat we write about. Our goal is to increase awareness about Cyber Safety. Please review complete Terms during enrollment or setup. Remember that no one can prevent all identity theft or cybercrime, and that LifeLock does not monitor all transactions at all businesses. The Norton and LifeLock brands are part of Gen Digital Inc. 


    Want more?

    Follow us for all the latest news, tips and updates.