Saturday, January 19, 2008

PC Security Practices

In today’s computing environment including but not limited to internet browsing you must consider security measures to protect your data and your computer. Vulnerabilities can include email, communication ports, wireless networking, spyware, viruses, and securing the computer from local access. We will review each in detail in this series. This article is designed to help protect you and your computer in hopes your computing experience will be a more pleasurable and safer one. 1.Email As a rule when dealing with incoming email regardless of what email client you use you should generally never open an email if you do not know the party the email was generated from. Your email client should be set to prevent attachments from being displayed or opened unless confirmed by you. Attachments can be set as executable and malicious software can be installed on your local machine. A good way to prevent some of these entities is to have in place a good spam blocking utility. Spam blockers can detect most types of spam that are used to either gain entry or used in phishing scams. You may ask yourself: What is phishing? Phishing is a practice used to gain information you may not consider valuable. In many cases this information can be used by the entity to obtain more valuable information about you for the purposes applying for loans, credit cards and other financial gains in your name. Another practice to keep is anytime you use your email client you should not send valuable information such as drivers license numbers, user names or passwords for accounts(of any type). One practice that is widely used by scammers is to send an email that looks as though it is from a financial institution requesting that you update your account information. Once the information is sent you have now granted them access to the proposed account. Setting rules to your email client can help prevent these as well. Rules are a way for your email client to detect certain words, domains or email addresses in the email and a subsequent action being taken by the email client such as deleting it automatically. Rules must be configured manually by the user for each email account. The configuration must be monitored and adjusted accordingly as tactics constantly change. 2. Internet communication ports There is no basic way for you as a computer user to know which ports are open and dangerous on your computer. In order for you to protect yourself from these types of entry you will need to implement a firewall whether it be a hardware or software firewall. When using a firewall: remember they require constant monitoring and configuration. Firewalls are only configured for basic prevention out of the box. Unless you purchase a monitored firewall software that receives frequent updates and rules. You must constantly stay updated on what ports are being used by hackers, viruses and other malicious code. One of the easiest ways to keep your computer safe from entry is to use the Windows automatic update feature. Microsoft is constantly patching and reconfiguring the Windows operating system to block vulnerabilities. You must insure your Windows version is set either to automatically retrieve these updates or you need to check the Microsoft update site at least once every two weeks to insure your version is up to date. Remember if you reinstall Windows for any reason all past updates received will need to be reapplied. You can check your version of Windows to insure you are receiving automatic updates by opening the control panel. Select the system icon and double click the icon. Select the automatic updates tab and review your current settings. If you have scheduled your system for automatic updates and installation make sure you set this action for an appropriate date and time your computer will be in use. 3. Wireless networking Wireless networks are considerably vulnerable to entry. If not configured properly your wireless network can be used to obtain information and gain access to your local computer. When configuring your wireless router or access point the easiest thing to do is to disable SSID broadcast. This prevents other wireless network cards from detecting its presents. You should always change the default user name, password and SSID set by the manufacturer on your wireless unit. The default information is shared by other hardware produced by the manufacturer. This is an easy way to gain access if the information is not altered. Use encryption on your wireless unit. This may look a little scary and prevent you from configuring your encryption as manufacturers use many acronyms to describe each security encryption type. There are several encryption types available for use. No one encryption type is 100% secure, but in conjunction with other security measures they can be used to maintain a formidable security policy. Just remember when configuring your wireless device that manufacturers publish extensive how to articles on their website for your review. As well when you purchase new hardware the user typically receives an allotted time of free support. Whether this is done through the internet or phone support the manufacturer will be willing to provide their customers the appropriate support for configuration. Note: This should be considered and verified when selecting wireless hardware and before purchasing new hardware. Mac filtering is a very secure way of preventing access to your wireless network. Mac address filtering pertains to the MAC address of your wireless card. Every network card has a physical address and every address is unique. Designating which MAC addresses can connect to your device prevents all others from obtaining access. The MAC address of your network card is printed on the device and may be named as Physical address . If you cannot find the address you may as well open the control panel and choose network connections. Right click the wireless device and select the status button. On the opened status window select the support tab and the MAC or physical address is listed. Another security technique used is to disable the DHCP functionality or your wireless device and assign static IP addresses to each computer that will connect wirelessly. This will prevent your wireless device from assigning an IP address to unknown devices. Note: Your wireless access point may not have DHCP capabilities. When configuring your wireless network there is an option to add a computer to the DMZ . The DMZ is known as the de militarized zone and leaves the specified computer unprotected (This true for all router devices). You should never use this option. If you need a particular port open to run web based software or gaming software you should contact the manufacturer of the software for the specified port and then open only that specified port if your software is not functioning properly. Anytime your computers are not being used they have no need for Wireless capabilities. You should disconnect the wireless units power. Access cannot be obtained when the device is powered off. 4. Spyware or adware Spyware software was originally used to track habits of internet browsing for the purpose of aiding companies in delivering more attractive ways of driving traffic to their websites. In more recent times this software is used for delivering popup advertisements, tracking your movements and can be used to deliver other more harmful types of software such as viruses. These types of software are common and typically delivered as tracking cookies. There are many sites that use more harmful types. Typically these sites offer free entry and use of their software for online gaming or other purposes. A good practice is to avoid these types of sites and advertisements. You should add a good spyware scan utility to your arsenal which will help maintain your security. When selecting a spyware scan utility insure your purchase includes automatic updates of the program and definition files as well as a scheduling feature. Having the ability to schedule scans and updates will help keep user maintenance to a minimum. The best practice would be to have a couple of lines of defense here. In my experience no one single utility has been able to identify every type of spyware or adware infection. I would recommend using a free spyware utility in conjunction with your purchased software. You should scan your system for spyware at least once every week (dependent upon your internet activity habits you may require more or less frequent scans). 5. Viruses Most don’t realize how vulnerable they are to viruses. If you own a PC you should own good virus protection software. Not only own a good software title but as well the software must be maintained through updates. Most manufacturers publish updates to their virus detection database weekly. If you own virus protection software it is a must to configure automatic updates on a weekly basis. The manufacturer of your software can provide you with the date of published updates in order for to configure the date and time of your automatic update. Setting a full system scan is very important. You should scan your PC every time an update is made available. If you decide to configure scheduled scans it should coincide with the date the published update is made available and after the update is applied. As well you should designate exactly what to scan and what not to scan. Make sure when designating what to scan if you use external drives or partitioned drives that they are included in the scan. When purchasing your virus protection a few things need to be considered before deciding which title to buy. 1. Does it have email protection? 2. Does it protect your instant messaging software from allowing infection? 3. Does it have spyware detection capabilities? 4. Does it block against internet worm viruses? If the virus software you are considering does not protect against of these types of infection move to another title for consideration. Remember: Virus software licenses are typically good for one year from the date of purchase. You must renew your license in order to receive further updates and maintain protection. 6. Securing the local Computer from being accessed The first thing to consider is implementing an account password. Most people use passwords that can be easily remembered such as a birth date. If it’s easy for you to remember it may be easily guessed by another user. Passwords should be at least eight characters and should include upper, lowercase letters as well as numbers. Implementing this strategy will prevent most software titles that can be run to obtain your passwords from completing this action easily. You should frequently change passwords as well. Not just your user account password on the local machine but as well you should alternate passwords to secure websites or passwords for internet accounts. Your computer can be accessed easily if you walk away for even a moment. If your PC is accessible by other users you should configure a screensaver password with the same guide lines as the password for your user account. This can be easily done by opening the control panel and choosing the display icon. On the screensaver tab select the item that states on resume, display logon screen or require password . Set the wait time for one minute and select apply. This will activate your screensaver after your computer is idle for one minute. The screen saver will only activate if the computer is idle or has no activity for one minute. The same guidelines that apply for powering down your wireless unit when not in use apply to the local machine as well. If you decide to document your passwords for accounts (of any type) this documentation should be kept in a secure location. When considering these guidelines you must remember: Computers, security techniques and practices evolve constantly just as the strategies of intrusion do. It is a priority that you maintain your knowledge of prevention.

No comments: