

Technology Bulletin

e-vol 87, Fall 2010


Security for the Desktop / Enterprise:
Simple Steps to Staying Secure

It seems like we have been dealing with security issues ever since the day that computers came to the office. First, threats came to the desktop via the sneaker-net (floppy disks moved from machine to machine), then from the LAN. Now, with Enterprise networks and the Internet (with millions of sites for business, reference and networking) combined with CDs, DVDs, Blu-ray and even USB devices, a virus, malware, botnet or other attack can come from many fronts. Even so, the same simple methods for keeping your system and data safe have not changed much over the years. Whether the computer is a workstation or a server, the same basic rules apply for keeping it secure.

Where Does Security Start?
Passwords? Yes, passwords! Having passwords set, with no blank passwords anywhere on the system, is a great place to start. Second, do not use the same password for personal access that you use at work. Why? This is basic security: it ensures that a breach of one source does not expose both your business accounts and your personal accounts. Another good practice is to NOT write your passwords on a post-it that is on the wall or under your keyboard! Use upper and lower case letters, numbers and at least one special character in your password, where possible. This makes the password far harder to guess than ‘qwer123’.

Common Sense
One of my favorite quotes is that common sense is not that common! When it comes to security though, using plain old common sense can be a real plus! When in doubt, consult your IT Department. Don’t have an IT Department? In that case it is always best to err on the side of safety. Email attachments are still a widely used way to infect computers with unwanted payloads. The common sense approach is to delete email attachments from people you don’t know, without opening them! Screen savers and animations are another easy way in, particularly on unprofessional-looking websites. Strange links in emails, Instant Messages, blogs and social network walls should also be carefully reviewed. They just might contain malicious code.

Removable Media
Do you still use floppy disks? Did you know that support for these, even by Sony, has effectively ceased? I know, but you still have a need for them, right? Maybe in some cases, so how do you make them secure? Simple, really! Scan them for viruses and other threats before transferring their contents to any computer. Keep them labeled, don’t share them, and if at all possible, do not boot from them! What about CDs and DVDs? They should be safe, right? Nope! Whether the disc was burned at a factory or on a user’s computer, if the source files were compromised, the disc will be, too. The same holds true for pen / jump drives that come to you with files loaded, no matter the source. You really need to scan them for virus and malware threats to make sure you are safe!


Downloading Files
Downloading files is a simple way to get an infection. If you see a link that allows you to download something of value for free, treat it with suspicion. You should avoid downloading files of which you’re unsure, especially desirable files such as freeware, screensavers, games or other executable programs. If you are going to download a file, make sure your Anti-Virus software is up to date, running and set to scan downloads! Internet news groups, web sites, social media sites and Warez sites may all be full of potential threats. It is kind of like getting an email: if you do not know / trust the source, you run an increased risk of infecting your computer.

Anti-Virus
I touched on Anti-Virus software before, but make sure you have it and that it is updated frequently. Most vendors will allow you to configure the software to automatically download the updates on a daily basis. Another common sense axiom is that even the best anti-virus software isn’t much help unless you keep it updated. Configure your anti-virus software so that it launches automatically with startup of your computer and runs constantly. Periodically check it to make sure that it is getting updates the way you configured it. Proper anti-virus and other computer security applications can scan files for unusual changes and watch for other warning signs.

Email Considerations
Many enterprises have email scanning that takes place at the firewall and / or server level before emails arrive at the desktop. Even in those cases, or in cases where you do not have such countermeasures at your disposal, your anti-virus software should have a plug-in that allows you to scan all incoming email and attachments. Most security software will automatically scan each file attached to email or IM messages, even those from trusted sources. The small amount of time that it takes to perform this function can save hours should a file be compromised.

Spyware Considerations
Many free tools are available for identifying and removing spyware, adware, and various other non-virus malware. Many are supported by donations (e.g. Spybot Search and Destroy). Malware files are often installed by Trojan programs, by some freeware and shareware applications (like file-sharing programs), or as "drive-by installations" from various websites, whether commercial or social in nature. Malware invades your privacy and interferes with your work by transmitting your personal information to its creators, opening unwanted pop-up windows, and noticeably slowing your computer's performance. Many of the web-based programs that purport to be anti-virus programs and say you are infected are actually some of the most virulent kinds of Spyware / Malware.

Staying Current on OS Patches
Keep your operating system up-to-date. Updating any programs used to access the Internet is also a good idea. You do need to make sure you are not months behind, but many security experts and IT departments will recommend that you first make sure a security patch does not break something else. When you decide to do an update, make sure you have a backup so you can roll back changes made by patches if necessary. When vendors find vulnerabilities that pose security risks, they often create and distribute patches for the product. Staying current will keep you safe from known threats and make your system an unattractive target for those who want to wreak havoc!

Use a Firewall
Use a firewall on your systems to protect your computers from Internet intruders. Any computer attached to the Internet should use a personal firewall to filter out unauthorized or potentially dangerous traffic from the Internet, while allowing good traffic to reach your computer. This goes without exception, even for those systems that are behind an Enterprise firewall. You may need to make exceptions to allow some programs that you want to use through the firewall, but once it is set, you will likely not need to make changes until there is an update of that software.

Backup, Backup, Backup!
Back up your computer data regularly. This cannot be stated often enough. Do not assume that someone else is doing this for you! The failure of a computer hard drive or the mistaken deletion of a data file can be devastating to the individual, and can mean the loss of many hours of work. Think about what you use every day and how much time it would take you to recover should those files be corrupted, deleted or inaccessible due to a hard drive failure. You can guard against disasters by having backups. If your IT department performs backups, that is great. If not, there are online services that can back up your system for a small price (e.g. Carbonite and Mozy) so that you will never have that feeling of losing everything. These services also provide access to those backups in the case of a stolen laptop.

Looking at the BIG Picture
One of the best things that can be done is educating users in the use of their software. This includes email, attachments and downloads. They say ignorance is bliss, but ignorance of the threats that are out there can be catastrophic. An unaware computer user is often the one who will fall victim to viruses, spyware, and phishing attacks, all of which are designed to corrupt systems or leak personal information to a third party without the user's consent. Trust is the key! You need to know whom to trust and when! Advertisements and pop-ups on the Internet have become devious and deceptive, appearing as "urgent system messages" and warnings designed to scare users into clicking. As a rule of thumb, if a popup window contains an ad claiming to end pop-ups, speed up your system or optimize your internet connection, chances are it's a scam of some sort. Proper security practices combined with up-to-date system patches, application patches, anti-virus software, anti-malware software, firewalls and backups are a winning team to keep you safe.

 

All product names / logos, company names / logos are copyrights of their respective holders. John Boline is an MCSE, MCTS, CNE, USE, a member of the Network Professional Association and the Microsoft Partner Research Panel. The content herein is often based on late-breaking events. Much of the material is based on information from sources that are believed to be reliable. Hagerman & Company, Inc. disclaims all warranties as to the ultimate accuracy or completeness of the information. Hagerman & Company, Inc. and its employees shall have no liability for errors, omissions or inadequacies in the information contained within this article or for any interpretations thereof. The recommendations, positions and best practice policies outlined herein represent Hagerman & Company, Inc.'s initial analysis and therefore are subject to change as further information which may have bearing on these positions is made available. The reader assumes sole responsibility for the selection of these materials to achieve its intended results. The opinions expressed herein are subject to change without notice. Hagerman & Company, Inc. assumes no obligation to update the forward-looking statements made in this newsletter to reflect any change in circumstances after the date of publication. Entire contents © 2010, Hagerman & Company, Inc. All rights reserved. Reproduction of this publication in any form without prior written permission is forbidden.



 

 

 

 

 

This page last edited on Wednesday, November 10, 2010