Common Tasks

Recent Posts

Community

Email Notifications

Personal Links

Archives

Security Protection - Harry Waldron (CS)

Security Best Practices, Breaking News, & Updates

Best Security Practices for Internet Safety

Computer Below is part of a recent post in a forum, where a member asked how they might protect themselves better after a major virus or spyware infection created an unbootable system that needed reformatting.

QUOTE:  Yes, sometimes advanced spyware or viruses become so ingranulated in the Windows registry and startup process that reloading is your only method of recovery.  Tools, more secure settings and best practices will help prevent future occurrences. You probably know most of this general advice and I'll share what I see as a helpful in protection from some of the dangers out there:

1. Good AV package (there are certainly good free versions)
2. Good Firewall (bi-directional preferred)
3. Ensure you are using XP SP2 and IE7, (IE 6 has so many unpatched holes)
4. Firefox offers a good complementary browser with very few working exploits in the wild
5. Best practices and avoidance and "thinking security" at all times are probably your best defenses. Avoid all attachments and URLs in emails (plain text mode is also preferable). Be careful in website visitations (avoid all ads and untrusted sites). Think of every spam message as a telemarketing call or door-to-door salesman visiting ... There ain't no free lunches out there.
6. Monitor new developments. You don't have to become a security expert, but when a new risk emerges take the precautions, workarounds, countermeasures, etc. You're welcome to bookmark my Security Blog (link in signature) as I try to share new developments, best practices, etc. from a user standpoint (and there many other great sites out there as well)
7. You might want to research Anti-Spyware solutions (Counter-Spy, Spysweeper, AVG's version, AdAware, etc.)
8. Ramp up your security services and lock down unneeded services
9. When it comes to email or websites, avoid trusting them too quickly. I like the "No Trust" rule, rather than "Trust but Verify", as top-notch scammers can create authentic looking HTML that appears to come from a bank, Paypal, Microsoft, or other vendors. Call if you have to and validate anything suspicious.
10. Protect your privacy and avoid sharing sensitive info.
11. Use strong passwords and even change them periodically.
12. Stay up-to-date on all Windows patches and security updates for other products

Comments

Peter Nader said:

Shame you didn't mention the forum, but I guess if "a member asked how they might protect themselves better", it has a high percentage of "LCD" users. And, what is a LCD user you may ask. LCD stands for Lowest Common Denominator. While I agree totally with everything listed above, I think the poster was being a little ambitious with Items 5, 6, 7 and 8. 8. Ramp up your security services and lock down unneeded services - now how would a newbie user interpret that? This type of user can be likened to a female car driver [please - no hysterical responses - I have 2 daughters and 1 wife - they will do it for you]. This car driver expects the car to run all the time. They will fill the fuel tank, but everything else is to be done for them. And so it is with their computer. Unless the OS is set up with Automatic Updates then forget it. If a firewall and anti-virus software is installed, it should be of the free variety [there are a few excellent choices out there], and must also auto update. The nag screens. The nagging is simply incomprehensible to most users. The nagging is also incomprehensible to me. I just clicked them all away. The first was expected, the second humorous, and the third didn't even register before I clicked "Allow". And I [think I] know what I'm doing. Let's just hope these LCD's don't participate in any online financial transactions.
# May 25, 2007 7:24 PM

Harry Waldron - My IT Forums Blog said:

Thanking Rod for sharing this link, as the MyIT Forums newsletter is one of my "must reads"

# May 31, 2007 8:50 AM

Harry Waldron - Microsoft MVP Blog said:

First of all, good security ain't solely about operating systems themselves It's more about the

# May 31, 2007 8:53 AM

Fast-Flux Bot Nets: The Future of Botnets | Project Afterlight. Articles, News, Updates, and Reviews on Technology and Life. said:

Pingback from  Fast-Flux Bot Nets: The Future of Botnets | Project Afterlight. Articles, News, Updates, and Reviews on Technology and Life.

# July 10, 2007 10:16 AM

HP said:

The very fist stage that hackers have to pass is the firewall... So I'm not so sure if the firewall can really block them out.

# May 28, 2008 12:06 AM