PC Security Guidelines:
How to keep your computer safe!

No matter what kind of computer you use, PC, MAC, UNIX (or any flavor thereof), your system can have a problem with security. I know, all you non-Windows users who read this are probably ready to explode, but it is true. Security is not strictly a Windows user’s problem; all computing environments suffer to some degree. Windows just takes the hit as having so many security holes because there are so many more Windows systems out there. Now that I have the OS/X and Unix/Linux users all fired up, let’s see what we can do to protect all of those systems.

Security “Top Ten” List
As many of you have seen from my previous columns, I am a fan of David Letterman and his Top Ten lists. I have one here that relates to personal computing security that rightfully should be provided with every system just as copies of the operating system and applications sold with the system are provided. So what are the items?

10) Make backups
9) Have a firewall
8) Keep watch for “fake” warnings
7) Have a rescue disc
6) Keep system updates applied
5) Block SPAM
4) Protect against malware
3) Know the difference between legitimate and bogus downloads
2) Beware of email bearing attachments
1) Have anti-virus software and keep it updated!

If you can follow this list, then you will help to eliminate the problems associated with infection of your machine at all levels. Now, how about some detail?

Backups
Making backups should be something that everyone does, but you would be surprised how few people really do it. Just take a look at your system. Do you have files and documents that you can afford to lose? Do you have files that you do not need and would not have to recreate in the case of a disc crash? If you do, then you do not need to backup. If you are like the rest of us and losing emails, documents, etc. would have a negative impact on your job, then you need to backup your data! In simple terms, you should back up your data files at least weekly (daily if you're running a business). That way, even if your system is infected with a virus or subject to a hacker attack, you will escape the episode with only minor damage and inconvenience. Fail to keep a recent backup though, and you'll go straight to hell--at least, that's how it will feel.

Firewalls
Do you lock your car? How about your house? You are the kind of person who leaves everything open, right? Of course not, but what about your computer? Not having a firewall is like leaving your computer unlocked for anyone that might want to open the door and come inside! A firewall is like a security guard or a bouncer for your computer; it checks every ID at the door and won't let anything in or out until you give the thumbs-up. That way a hacker can't access personal information on your hard drive, and a Trojan horse keystroke logger (a stealth Malware program that monitors the characters you type) can't steal your passwords and transmit them over the Net. The cost for these programs is minimal compared with the peace of mind they offer.

Fake Warnings
Did you know that there are more hoaxers than hackers on the Internet, and more bogus "e-mail virus alerts" than actual viruses? It’s true. Even real virus threats are typically blown out of proportion by the media. The problem is fake warnings! A fake warning could cause you to delete harmless files and then forward the message to others, clogging e-mail servers and causing virus-like damage in the process. You always get these emails from a well meaning friend (you do-gooders, you know who you are!) What you should do when you get one of these e-mails (or see yet another breathless news story), is to check it out first. Type the name of the alleged virus into a search engine to see if any of the major security vendors have issued an alert, and visit the virus hoax pages. If it is not listed, you have one of two choices: The threat is so new, you have the information in your hands before the large companies who make the products to defend computers all over the world, or, it is a hoax. I am betting on the latter!

Rescue Disc
So, what is a rescue disc? Oh boy, you may need to attend a remedial course, 091 Computer Best Practices. When things go wrong, really wrong, if you have a Windows rescue disc (assuming you are running Windows) it can be a lifesaver. You can boot from your rescue disc as the first step to your computer recovery. If you are in doubt about creating one, you can read all the details in "Hardware Tips: Create Your Own Emergency Boot Disk." Perhaps the best idea is to let your antivirus program create a rescue disc. You can use it to boot your system should it become infected. Label that disc with the creation date and store it near your system (away from magnets!)

Operating System Updates
E-mail delivered worms and other Spyware and Malware like to exploit security holes in your software--namely Windows and other Microsoft programs. Today, Microsoft issues many critical updates to fix these flaws (Patch Tuesdays). Some users ignore them. The best advice I can give you about not loading these patches is DON’T. Too many infections can and have run rampant because simple updates were not installed. If you are a Windows user, run the Windows Update program once a week and whenever Microsoft issues a warning. MAC and Linux users should also check for updates weekly for their operating systems or open source programs they may be running.

Block that SPAM
SPAM, SPAM, SPAM…Unsolicited commercial e-mail, named for the Monty Python sketch where no matter what you ordered, you always got Spam with it! Today, Spam is more than just a nuisance; it's also a major source of virus and worm infections. Many of these infections are designed to turn infected PCs into zombie machines that can be used to send spam. There are many good programs out there to fight SPAM. Today, most Major ISP’s offer software to their subscribers to block SPAM and viruses. In the corporate world, there are many solutions too, but one that seems to lead the pack is a hardware appliance that stops SPAM and infected emails at the gate. The Barracuda SPAM Firewall is the sentinel at the gate for corporate email protection.

Protect Against Malware
Just like Trojan horse programs, Spyware or Malware (Malicious Software) secretly installs itself when you download software like file-swapping applications. Once installed, these ‘applications’ track your movements online and delivers ads based on where you surf, some of them being very unsavory, others popping up and telling you that your machine is infected at to click here to clean (which then installs more Malware). Additionally, these pop-up ads can also exploit security flaws in Internet Explorer. Just as with any of the problems, there are a variety of solutions you can use. Spybot Search and Destroy and Ad-aware block Spyware. Some antivirus software and security suites also stop Spyware and pop-ups in their tracks.

Legitimate versus Bogus Downloads
If something is too good to be true, dude, it probably is (with apologies to the creators of the “Bill and Ted” movies-I just could not resist!) It’s an old adage, but still true today. If you go to a web site that requires you to download software to view a page, unless it's something familiar like a Flash plug-in or Acrobat Reader, beware. The file you are granting permission to download may (or almost certainly will) contain a virus, a Trojan horse, or some auto-dialer that calls pay-per-minute numbers via your modem and racks up huge toll call bills. Some of these files, once installed can be next to impossible to remove from your system. The best advice is not to install any software from the web unless:

1) You are absolutely positively sure you know what it is
2) You trust the company
3) You have a complete backup, rescue disc and have performed a restore point

Email Bearing Attachments
Ok, now you would never do this, but, you get a message you think is from a friend with what looks like a cool file attached, so you click on it. Next thing you know, your system is bulk mailing infected e-mails to everyone in your address book. Does that really happen? Does anyone remember the “I Love You” virus? It spread like wildfire! The thing is that using this method of deployment, infection can happen so quickly that millions of copies got out before the antivirus companies could update their databases. How can you protect against this? Well, first, take a look at the email. Would the person who sent you the file “really” send you something like this? In most cases, bosses would not send emails that would result in you looking at a “cool” file that would take away from your working. If your boss does sends thing like that, then you would know it. If there is any doubt about an email with an attachment, make sure it was sent by a trusted person, and they meant to send it to you.

Anti-Virus Software
If anti-virus software came installed on your computer and you have never updated it, you are living in denial. Today, it is not enough to have Anti-Virus software installed; you need to update it daily. If you don't have an antivirus package, stop reading right now and get one so you do not infect the rest of us! There are plenty of Anti-Virus solutions out there; some are even free for home users, but they all have one thing in common: They are only as good as the last virus definitions set that is loaded. New threats and variants, zero day infections, etc. are found daily. You need not only the software but also to keep it updated!

How can I get more information on this subject?
Update early, update often, and back it up. What more can I say? Security is everyone’s job when it comes to computers, and if you are not part of the solution, you are part of the problem! If you have questions or comments about this article or if there is anything new on the subject, contact me. I would be happy to respond.
 

All product names / logos, company names / logos are copyrights of their respective holders. John Boline is an MCSE, CNE, USE and a member of the Network Professional Association. The content herein is often based on late-breaking events. Much of the material is based on information from sources that are believed to be reliable. Hagerman & Company, Inc. disclaims all warranties as to the ultimate accuracy or completeness of the information. Hagerman & Company, Inc. and its employees shall have no liability for errors, omissions or inadequacies in the information contained within this article or for any interpretations thereof. The recommendations, positions and best practice policies outlined herein represent Hagerman & Company, Inc. initial analysis and therefore are subject to change as further information which may have bearing on these positions is made available. The reader assumes sole responsibility for the selection of these materials to achieve its intended results. The opinions expressed herein are subject to change without notice. Entire contents © 2007 Hagerman & Company, Inc. All rights reserved. Reproduction of this publication in any form without prior written permission is forbidden.