Hackers, Computer security, and the basics on protecting yourself, and your systems online.
To me computer security really means the securing and backup of all devices connected to the internet or used to store your information. Securing the device also means keeping the hardware and software well maintained.
Recently we have seen the company HBGary Federal brought to their knees by the hacking group known as Anonymous. The sad part of the story is that HBGary was not practicing some of the simplest security procedures, some of which led to the hacks and the release of emails, that have so damaged HBGary that the company pulled out of the RSA conference and is still in a down slide.
OK you say, but you are not HBGary and you are not poking the Anonymous group with a sharp stick to see if they will react, so why bother with security? Most of us now use our computers for work; finances, school, keeping our photos and videos, and I have seen way to many people lose their data because they did not follow a few simple and inexpensive procedures.
So what can those of us who need to use the internet do to minimize the threats of being infected with malware or spyware, and yet still be able to do what needs to be done? Well read on and I will try and cover the basics, and then add links to more in depth information at the end of this article.
A basic checklist before using your computer or portable device.
This list is a good starting point, but if you feel that I missed something or know of a better service or practice then please feel free to contribute.
1. Is your system updated and does it have an Internet Security Suite (ISS) installed? If not at least get an ISS installed and then update your Operating System.
2. Use secure passwords.
3. Have a Backup plan in place and make sure you have your recovery disks before using your system on the Internet.
4. Connect only behind a router with NAT and a firewall. Most home routers perform this task admirably.
5. Small and Medium business should use a security device such as SonicWall or a Cisco ASA 5500.
6. When using public Wi-Fi consider a VPN service such as Hotspot Shield.
7. Never leave your portable device unattended even if the screen is locked as someone may attach a USB or SD card while you are away. There are too many small USB and SD cards that you may not notice attached that can wreak havoc on your system to take a chance.
Internet Security Suites:
Use a software security suite that offers virus, malware, spyware and firewall products. Before purchasing a product take some time to review articles from PC Magazine and PC World that regularly review and rate the available Security Suites. The great thing about these reviews is they run real tests and remove personal opinions from recommendations. To often I encounter someone’s computer that is a mess, the owner is confused as to why, and then you discover they were using AVG’s free product on the recommendation of their child’s friend. While AVG’s free product is fine for what it does, it is not meant to be an all around protection suite, and AVG does point this out on their web site.
PC Magazines 2010 Security Suite reviewed.
Use your Internet Security Suite and keep all parts of the software updated, and even though you can renew antivirus subscription updates, consider purchasing a new security suite if your current version is a year or two old to get the benefits of new features and improved performance.
Again keep you Security Suite updated.
Security suites are also being developed for portable devices such as phones and tablets.
Run full scans regularly.
Keep everything updated:
This is a no brainer and when you purchase a new computer this should be your first task before doing anything else. In Windows run the update manager or visit the Windows Update website. Linux users can run their respective distributions update commands such as apt-get, yum or the GUI tool such as Synaptic. Apple OSX users have a built in updater that should prompt them to install their updates.
Keep all applications on your systems updated.
Devote time to let the system perform maintenance.
You read that right. Most systems have simple to use tools that can be setup to run in the middle of the night. All backups, defragment of hard disks, virus scans, and backups do not need you sitting in front of the system to be run, and run they must or you will not get the full benefit of the product.
Unless you’re a business with a legitimate reason not to, then automatic updates should be turned on and run daily which includes Windows, Antivirus, Adobe, and other software.
Backups:
Backups can be as simple as installing a USB drive, a NAS, or a cloud based solution. All have their merits, and personally I recommend a system that uses a large USB drive to create images for a complete restoration in case a hard drive goes bad, along with an online backup service that gets your data out of your business or home in case of fire, flood, or theft. 1 Terabyte USB drives can be had for less than $120 and include backup software, and online or cloud based backups are getting very reasonable.
Passwords:
Not your children’s or pet’s name, and you should definitely not use password as a password, and don’t use your name, address, phone number, or social security numbers.
Do use characters such as ~, #, %, or others to make the password harder to crack.
Take a password like “total” as an example. According to several password strength checkers this is about a weak a password that you could use, but change it to “#totall” and it nearly jumps 40% in strength. Now make it “#To$tal01” and it is nearly 100% and it is still not hard to remember.
Use a website that specializes in rating password strength.
Other measures of protection:
Businesses should have a uniform Internet usage policy and have tools in place to enforce the policy, such as SonicWall, Cisco ASA 5500, or my favorite OpenDNS Enterprise Edition.
Home users should consider a paid subscription to OpenDNS. This is an excellent solution for home users!
Use a UPS for secure power. A quality UPS can be purchased for as little as $49 and protect your system from power outages, sags, and spikes from your electrical system. All of these can ruin the components of your computer.
Use a hard disk encryption package and add any hardware passwords where applicable.
Come back and check in for future articles on setup and maintaining systems or send us a message and request a topic to be covered.
