Is it worth paying for security software in 2023?

Protecting your computer doesn’t have to cost anything   (Peter Byrne / PA)
Protecting your computer doesn’t have to cost anything (Peter Byrne / PA)

Running a computer without any security software is like driving a car without brakes – you’re going to crash into something nasty eventually. This is why most people tend to pay for third-party apps that they believe will keep them safe.

The good news is that those days are largely over, no matter whether you run a Windows machine or own an Apple computer. It’s time to explore why you can now save the money that you would previously have invested in antivirus software for a PC and what the situation is for Macs or mobile devices.

Should consumers pay for security software?

For many years now, Windows has included built-in security software called Microsoft Defender. In fairness, this free package used to have a woeful reputation. However, independent tests reveal that it now performs extremely well, even when pitted directly against even the best-known paid-for software.

To be clear, the advice here concerns computers run by consumers. Businesses are an entirely distinct proposition as they face different threats and should be protected by a business security package.

What is the best security software for a Windows PC?

Microsoft Defender is baked into every Windows 10 and Windows 11 PC and is switched on by default. If you’ve not installed any third-party security apps on your PC, it should already be protected by MS Defender. But is this enough for genuine peace of mind?

Recent results from two reputable independent security labs show it does provide ample protection.

For instance, AV-Test runs regular investigations of Windows-based security suites, including big brands such as Norton or McAfee – but it also checks Microsoft Defender. In this lab’s most recent set of results from October 2022, MS Defender provided 100 per cent protection against so-called zero-day threats – viruses that haven’t previously been in circulation – as well as 100 per cent protection against more widespread malware. These security packages were each tested against more than 21,000 different samples of malware.

It’s a similar story with the results from British testing firm SE Labs. Once again, Microsoft Defender scored 100 per cent and it didn’t register a single false positive – flagging legitimate apps as malware – as did many of the paid-for packages. In short, Microsoft’s built-in free security software will keep a personal computer just as safe as the security suites you would need to pay £30 or £40 per year to run.

“The security Microsoft has built into Windows is far better than it was a few years ago and competes well against other options,” said Simon Edwards, CEO of SE Labs.

Why do people pay for security software?

So, if Microsoft Defender offers comparable protection to these paid-for packages, why would anyone buy security apps? Aside from habit, it’s usually due to the bundled extras, explains Edwards. “Often, the antivirus products that you pay for include other security features that you won’t mind built into PCs or Macs,” he said. “Some might be easier to use, as well.”

It’s certainly true that paid-for suites frequently offer extra features above and beyond straightforward virus detection. The extras found in these paid-for suites typically include a VPN (Virtual Private Network) tool, which enables you to create a private and secure connection to the internet even in a public location, as well as parental controls. In some cases, you now get credit-report checkers.

The latest Norton security package even throws in “dark web monitoring”, which claims to track whether identity thieves are attempting to trade your personal data in remote online nooks and crannies.

However, it’s worth weighing up whether these add-ons are really worth the extra expense. For instance, the VPN tools typically thrown in with these consumer security suites will often only include a small amount of daily bandwidth and so you must pay extra for unlimited traffic.

Parental controls might well provide value to families. Bear in mind, though, that the main broadband providers offer these tools for free, and these controls will then apply to any devices on your Wi-Fi network, not only the computer that the security software is installed onto. There are also other ways to perform free or cheap credit checks, and dark web monitoring is, at best, a niche benefit.

Unless there’s a particular bundled feature or combination of tools that you feel justify these costs, the evidence shows that most people will be fine with the strong levels of protection Microsoft Defender now provides for free.

That’s not to mention the protection routinely provided by other software. For example, popular web browsers will automatically block access to websites that are known to be hosting malware or phishing attacks. No software is infallible - yet the protection provided for free these days is leaps and bounds better than it was even five years ago.

Should you buy security software on a Mac?

“Macs don’t get viruses” was the infamous claim in the old Apple ads. Well, that’s not true. They do, although there’s nowhere near as much malware that targets the Mac as there is Windows PCs. That’s partly because there are far fewer of them, which makes these machines a less attractive target, but it’s also because macOS is better locked down. Personally, I do not run extra security software on my Mac.

Luckily, AV-Test also investigates Mac security suites, even though it only has around 400 samples of Mac malware compared to the 20,000-plus available for Windows PCs. Of course, it only takes one piece of malware to infect your computer and cause a problem but there’s no doubt Macs are much lower risk.

Given the reduced risk profile for Apple fans, does it make sense to pay for Mac security? Not really. If this news doesn’t allay your fears, Avast offers a free Mac security suite that also scored 100 per cent in AV-Test’s most recent round-up of Mac security software. This package will occasionally nag you to pay for the premium version, which offers extra features, such as the ability to roll back from a ransomware attack.

Among the most reputable paid-for Mac security software is Intego and its Premium Bundle X9 package attempts to bolster the value of this deal right up to £69 per year by throwing in a location-aware “intelligent firewall” and extra utilities for cleaning or backup. Once again, there’s some value here beyond security but it’s tricky to justify that price, given some of these tools are part of Mac OSX.

As with all security suites, it is always worth noting that extra software can slow down older computers, even though this overhead is much lower than it used to be.

Do mobile phones need security software?

The biggest threats on mobile phones are rogue apps. If you download apps from the official app stores, the risk is minimal, because these must pass a barrage of security tests before they’re allowed into the stores.

Yes, the odd rogue one does slip through, but the far greater risk comes from “side-loading” apps in Android, where you effectively bypass the security to install what you want. Some legitimate apps or games have also used side-loading techniques in the past yet this isn’t a process that should be recommended for most people. It’s not even possible to do so on iPhone at the current time.

If you want to be extra careful, there are free security apps out there for Android, including AVG Antivirus (again, you might be nagged to upgrade) and Microsoft Defender. These tools will scan your apps and local storage for any threats.

As for iPhones or iPads, there’s no real need for security apps at all, because the Apple App Store is pretty well nailed-down and you can’t sideload apps onto these devices in the first place.

Is any security software worth paying for?

Let’s be clear – nobody is saying every type of security product is a waste of money. A reputable VPN tool such as SurfShark is a worthwhile investment for around £24 per year, especially if you regularly use a computer or mobile device on public Wi-Fi. It also enables you to conceal your location while online.

Likewise, a dedicated password manager such as 1Password is an excellent security add-on and this tool will cost roughly £30 per year on its own, albeit the free Bitwarden is another strong option.

Naturally, the cost of these apps rapidly adds up, too. Even so, when it comes to malware detection or scanning, the free stuff is good enough to spare consumers from splashing out on a premium package.

Barry Collins is a former editor of PC Pro magazine.