Part 1 – PC Security and Common Sense
This article is part one of a two part series on computer security. Part two will feature network security, online security, and encryption.
In the good ‘ol days of the Internet, programmers who wrote viruses used to do it for the mischievous sense of accomplishment and respect of their hacker-culture peers. These days, however, viruses and malware are big business for organized crime. What this means for you is that viruses are no longer a nuisance, they are meant to steal valuable information without you ever knowing it. What to do to stop the attacks? Security for your home or office computer network is one of those topics that can go from the very basic to the infinitely complex. For 99% of us, though, a few simple strategies will secure your computer and its data against 99% of the threats you’ll run across.
Your PC is the destination for all the viruses, malware, keyloggers, trojans, rootkits and any number of other malicious software. The best defense against these threats is AntiVirus software from a reputable vendor. There are several great vendors that offer free versions of their Anti-Virus software. These free versions are only for home use (not office) and may lack some functionality such as scheduled scans or advanced settings, but they use the exact same scanning system as their paid-for counterparts.
At MAR’s office we use a product called Vipre from Sunbelt Software. This software is a comprehensive and inexpensive alternative to many of the more well-known vendors out there: http://www.sunbeltsoftware.com/home-home-office/vipre/
Similarly, keeping your Windows, Mac or Linux operating system up to date is critical because these updates often block security holes that viruses use to infect your computer. Macs are not necessarily safer than PCs when it comes to viruses, they are just less of a target because they represent less of the market for stolen data. As Mac’s presence grows, so will the number of people making malicious programs to infect the Mac OS. By keeping updated on the latest updates you can protect many of the hidden entrances to your computer.
All the security software in the world won’t help you if you leave the front door open. Similarly, an ounce of skepticism when online will do more for your computer security than any antivirus software on the market. A few tips:
Never open email attachments from unknown senders. A big danger comes around holidays when people start sending emails to “view the attached holiday card”. Criminals know this too, and send viruses as email attachments inviting you to watch the latest Valentines e-card. Similarly, if you receive an email inviting you to view an online birthday card, and it’s not your birthday, be very suspicious.
Beware of phishing. Phishing is a scam where an email pretends to be from a legitimate source (like your bank, ebay, Paypal, etc) but is actually from a scam website made to look like the legitimate destination. These phishing sites will ask you to “login to verify” some type of information. What they are really doing is recording the username and password to your REAL bank website. Keep in mind that all banks are aware of this scam and will never ask you to “login to verify” or “login to update” anything using links in an email. If you suspect an email is legitimate the safest way to approach it is to open a new browser (Internet Explorer, Firefox, etc) and type in the address of the site you want to visit. Never use a link in an email message to any sensitive website because it’s very difficult to see where you’re actually going to end up. By typing in the address for BankOfAmerica.com you can rest assured you will end up at the actual BoA website.
Beware of “Fake” Antivirus and other free software. A scourge of the Internet is pop-up ads that warn you of a virus on your computer, and then invite you to download a free utility to clean out the infection. Quite often these programs actually install viruses on your PC instead of clean them. One of the most notable examples of this is the “Antivirus 2009” virus which sports graphics and layout very similar to Windows. It runs fake scans on your computer, shows you fake infections, and then downloads real viruses to your PC. The best way to avoid these maladies is to never use a pop-up ad to visit a website or purchase a product because you can’t be sure of the source of the pop-up.
A real-life equivalent might be walking down the street when a complete stranger asks you if you want a free gold watch. All you have to do is walk with this stranger into a dark alley to receive your prize. Would you do it?
Other free software such as games, screensavers, and search toolbars often contain adware, which is a less-malicious form of software meant to show you pop-ups even when you aren’t browsing the Internet. This software can sometimes be a doorway to other more unsavory programs, so be very cautious about the source of your next screensaver of puppy pictures.
Like I said at the beginning, computer security is one of those topics you can follow to an extreme degree. Many specialists devote their lives to securing large company networks against those who devote their lives to breaking in. You have advantages on your side, though. As an end user you are not likely to be the target of a serious hacker; your relative anonymity will protect you to a certain degree. What you should worry about are the automated programs designed to trick you into letting them inside. Luckily these programs are not yet as savvy as live criminals at the digital con game. Using just a few of the techniques I’ve outlined can go a long way toward keeping you, and your most personal data, safe.
This article is part one of a two part series on computer security. The state of Massachusetts is currently reviewing regulations that would enforce strict new requirements on data security and the privacy of client data at many businesses across the state. The final requirements of the law, however, are still in flux. The MAR is watching the proposed regulations closely and will provide tools and resources to help you and your business comply. In the meantime, good security practices should be a part of everything you do online whether at home or in the office.