Wednesday, December 19, 2007

Stay Safe Online - 7 + 1 Steps to Internet Safety and Security for your PC

Internet safety seems like an oxymoron these days with all the threats aimed at our computers. Staying safe online doesn't have to be difficult, and this article covers the basic steps that every computer user should take.

The phrase "Internet Safety" often seems like an oxymoron. Every day we hear of new threats aimed at our internet connected personal computers which seems to just make it that much harder to actually stay safe while connected online.

Knowing how to stay safe online has become a practical requirement these days for anyone using a computer connected to the 'net. Fortunately, a few relatively simply steps and a little education can go a long way to making sure that your internet experience is both safe and secure.

1. Use a Firewall - If you do nothing else, you must use a firewall. Firewalls act as a type of barrier between your computer and the internet, preventing remote computers from connecting to yours unless you explicitly allow it. A firewall can be a simple device such as a broadband router, it could be a feature of your operating system such as Window's own built-in firewall, or it can be a full featured software package that you purchase and install on each computer. Which one you choose is less important than making sure you have one and that it is enabled and deflecting threats.

2. Back Up - Failing to back up your computer, or at least your critical data, is perhaps the most common mistake I see being made today. And sadly it can also be the most costly regret you'll have when, not if, disaster strikes. If malware hits or hardware fails often your best if not your only resort will be to recover your system from its most recent backup. Don't have one? Then you might be severely out of luck. I regularly hear from people who've lost all of their data due to a malware infestation or a hardware failure. If nothing else, invest in a large external USB drive and a good backup utility and start backing up regularly right away.

3. Keep Critical Software Updated - Every day people experience problems that could have been completely avoided had they simply kept their operating system and other PC software up to date. Both Windows XP and Vista make staying up to date very easy with "Automatic Updates" and I definitely recommend that it be turned on. Similarly, most other software and applications will now also check for updates and notify you as new ones are available. Make sure your system and applications are checking for updates regularly and installing them as automatically as possible.

4. Educate Yourself - No matter what else you do, no matter what other protections you put in place, malware authors can bypass it all if they can fool you into doing something you shouldn't. The problem, of course, is that "what you shouldn't" isn't always immediately obvious. That's why it's so important to educate yourself on how to detect and avoid their attempts. In short: be skeptical. Don't open email attachments or instant messenger downloads unless you're positive they're safe. Don't click on links in email unless you're positive that they're taking you to where you expect them to. Don't download and install software without first checking it for malware. Don't ignore security warnings unless you're sure it's OK. Use strong passwords and never share them with anyone.

5. Scan for Viruses - Even with the best of intentions, viruses happen. Even with the firewall in place, the operating system up to date, and a healthy knowledge of what is and is not safe, sometimes something slips through. That's where you'll need a good anti-virus tool. There are many to choose from but the key factors boil down to this: select a reputable tool, enable its "real time" monitoring if you're at all uncertain of yourself or others using the computer, configure it to scan your hard disk completely once a day, and make absolutely certain that it's downloading the latest anti-virus information daily.

6. Protect Yourself from Spyware - Much like viruses, spyware can also occasionally make it through your defenses. Spyware is often relatively benign from a pure safety perspective - spyware doesn't often erase your hard drive or send spam, for example. However spyware does represent an intrusion, often presenting ads or modifying other programs in ways you didn't expect or ask for. And at its worst, spyware lives up to its name, spying on you and capturing potentially sensitive information. Anti-spyware utilities operate a little differently than anti-virus, so you'll want to make sure that you have a good spyware scanner in addition to your anti-virus tools. Like those tools, you'll want to make sure that it's downloading the latest spyware information daily as well.

7. Secure your WiFi - The default configuration of most WiFi equipment, and certainly the easiest configuration to set up, is completely unsecure. That means that anyone within range of your WiFi equipment can monitor what you're sending to and from the internet - including your account IDs and passwords. The same is true in most internet cafes and free WiFi hotspots. There are two steps you must take. First, at home, make sure you enable WPA security. This will require a password to connect to your wireless network, and will encrypt all the data so it cannot be monitored. (The older WEP security is no longer sufficient, as it is easily cracked.) Second, when you're using an open unsecure WiFi hotspot, take care to only access sensitive resources through encrypted connections. That means making sure that any web page you're visiting that requires personal information is connecting via an https connection. It also means that you shouldn't be downloading or sending email via your POP3 or SMTP based email program unless you know those connections are configured to use encryption as well, since by default they do not.

Bonus Step: Understand Physical Security - An old saying that I've found myself repeating to people more and more in recent years is this: "if it's not physically secure, it's not secure." All of the preceding tips are for naught if someone else who doesn't understand these steps can use your computer and accidentally download malware. It's all for naught if someone with malicious intent can walk up to your computer, reboot it, install software or hardware and walk away without your noticing. It's all for naught if your computer can be stolen. Take care to understand just how physically at-risk you might be and take appropriate actions. Don't let others use your computer until you're comfortable with their understanding of the risks. Don't leave your computer unattended if you can't trust the people who might be able to touch it. Consider encrypting data on your laptop or other computer if it can be lost or stolen.

Everything I've outlined might at first seem overwhelming. The good news it that most of these steps are things you'll need to do only once, and then consider infrequently thereafter. And to put it perhaps into a little bigger perspective they're not nearly as overwhelming as the impact of an actual security problem if it happens to you. The practical reality of the situation is simply this: we as individual computer users need to take the responsibility of the steps required to Stay Safe Online.

More information about staying safe online, including specific recommendations for each of the aspects discussed above, can be found at the author's web site Ask Leo! There you'll also find hundreds of answers to every day technical and computer problems.

Leo Notenboom has been in the tech industry for nearly 30 years. After retiring from an 18 year career as a Microsoft Software Engineer Leo went on to create Ask Leo!, a free web site where he answers real questions from ordinary computer users. In addition to answering tech questions Leo also maintains a number of web sites for a very limited clientele, including customer number one: his wife's collectible doll shop.

AddThis Social Bookmark Button


Post a Comment

Subscribe to Post Comments [Atom]

<< Home

Copyright © Security Expert  All rights reserved.