Scanning files on write, but not read on Virtual Desktops
We are working with VDI (Virtual Desktop) machines and we are configuring the SEP 12 policies. Our VDI admin is requesting that we set Auto Protect to "Scan when a file is modified", instead of "Scan when a file is accessed or modified." In other words, scan on write, but not on read. Obviously this recommendation would improve performance, but I'm trying to think of scenarios where this setting would be a security risk.
The VDI image is read-only, thus all changes will be lost when the machine is powered down or rebooted, however the file system of the VDI instance is obvoiusly writeable while it is live.
Is this setting recommended by Symantec?