Virus scanner on your Mac: useful?

There is always discussion about whether or not a virus scanner on the Mac is necessary. There is no one-size-fits-all answer, it all depends on how you use your system.

To dispel a myth right away: yes, there are viruses for macOS out there. But they are very few and you really have to make an effort to install them. The latter has everything to do with the built-in security of macOS that tries to prevent the installation of 'vague' software with all its might. Furthermore, every program that runs under macOS has quite a few restrictions. Moreover, most viruses can hardly be called 'real' viruses in the sense of destructive software. It mostly concerns adware-type junk, a single keylogger that runs in a browser, a rogue Office macro, a handful of spyware and one annoying ransomware program that encrypts files and then asks for money to undo that action. The good news is that you don't come across all this misery "in the wild" very often. MacOS is sometimes able to recognize misery itself. And it is true that you will not get unwanted software on your system until you have ignored quite a few urgent warnings. In short, it won't be that fast with malware under macOS. So a virus scanner is not necessary? That's not entirely true either!

So a virus scanner is not necessary? That's not entirely true either!

It's important to keep in mind that Mac OS is vulnerable to malware, which can theoretically install behind your back due to software bugs. Just like Windows has always been the case. The situation is different on smartphones and tablets (Android and iOS): malware can only strike there via apps that you install yourself. So there is no need for a virus scanner.

Malware outbreaks like ransomware are rare on Mac OS, but they can happen. A virus scanner offers an extra layer of protection against this. Mac OS is simply a less interesting target for malware creators: the number of users is much lower, most users are less likely to ignore red flags, and Mac OS appears to be less vulnerable than Windows.

Network with Windows computers

A scenario in which a virus scanner on the Mac comes in handy is a (home) network on which Windows computers run in addition to that Mac. If you download software or files with the Mac, which you then also open on a Windows system (or when there is a good chance), a virus scanner installed on the Mac will intercept any misery that is hidden in those downloads. In this case, not to protect macOS, but to protect one of the Windows computers elsewhere in the network from misery. The virus scanner on the Mac is then simply a first-line defense against (mainly) Windows malware. This is not a luxury given the enormous amount of malware that is in circulation for Windows. Especially if you use a NAS for central storage of all your files, it is wise to have every download checked by a virus scanner. Also on the Mac, because of the shareable nature of those files.

Types

There are two types of virus scanners for the Mac: active and passive. The passive copies require a user action before a file or folder is scanned. Think Control-click on a file and then something like 'Scan for viruses'. A great method if you only occasionally download files, especially when you consider that these are mostly free solutions. The active variant of a virus scanner is comparable to what scanners run under Windows. In other words: files are monitored fully automatically and continuously and intercepted live. That has a (minimal) influence on the performance of your Mac, but with the current generation of processors you don't notice that much in practice. Unless background scans are continuously running in case, for example, large files in mail folders of mail clients change. In that case, you can exclude such a folder from scanning. Most virus scanners will still sound an alarm when you open an infected email attachment. Preventive scanning of mail folders is therefore of little use and can mainly result in continuously running background scans.

Protections of macOS itself

MacOS itself also offers a range of protections against malware. One of those things is called Gatekeeper and that is software that works right out of the box. It is not a virus scanner, but it does recognize a large amount of software. And thus can check whether it is legit, known malware or unknown. In the latter case, you have to decide for yourself whether or not to install a program. Gatekeeper is in principle kept up-to-date automatically. You have to be careful with this. You can set the Mac to install updates automatically or manually. And by that we mean system updates. Many Mac users opt for a manual update. Handy, because this way you determine when system updates are installed and you keep control in that regard. Only: the list of options for this is a bit 'clumsy' put together. Just click on the apple in the menu bar and then About this Mac. Press the button Software update, wait a moment for the detection to complete, then click the button Advanced. You will now see a list of disable options; By default, everything or almost everything is on. Only want to check for system updates, but these not have it installed automatically, then you only put the first (Look for updates) and the last (Install system files and security updates) at. Although it doesn't sound logical, this last option has nothing to do with OS updates, but is intended for updating more administrative matters. Think of installing a font update, updates of (software) compatibility settings and also the Gatekeeper database. In fact, the latter option does not belong in this list of otherwise innocent and not immediately necessary matters. But it's in there, so make sure this option is turned on.

Which scanner?

If you ultimately opt for a virus scanner and want a 'set-and-forget' solution, it is best to opt for an active scanner. Just like with Windows equivalents, you are often stuck with a subscription construction, but - as far as we're concerned - you can live with that. Just about every self-respecting AV software manufacturer has scanners available for the Mac these days, too. Think brands like Bitdefender, Kaspersky, Norton and more. In terms of functionality it all comes down to the same thing. It is good to know that this kind of software uses kernel extensions and also asks for all kinds of more extensive permissions regarding the file system. And because writing a virus scanner is still human work and therefore bugs can occur, you also run a (very small) risk of system instability with a continuously running virus scanner in the background. A bug fix of the scanner usually solves the problem, but if you prefer to run as little 'risky' software as possible, something to keep in mind.

Recent Posts