One of the first parts in protecting yourself from all of the people trying to invade your systems and steal your money and information is to understand what threats you face. Here are just a few:
If you work only at home on a desktop computer, your risk is lower than those who carry their valuable laptop into public, but everyone is a possible theft target. In the past thieves were mainly interested in just your physical hardware; however thieves are increasingly more sophisticated and try to get personal and financial information off your hard drive before they pawn off the stolen system. If they can get a credit card or even worse, enough information to steal your identity, they will net much more than the value of your computer.
If your computer is stolen, even if they only get your hardware, you may have lost data that will have to be replaced. Additionally, you would have to devote very significant amounts of time and money in physically replacing the hardware, reinstalling all of your software, and restoring your data – if you were wise enough to back it up. And until this is done, you are missing a key tool in running your private life, your business, or both.
Some other computer problems can be nearly as costly as theft. Viruses can be caught from infected email or files. They can slow down your computer or destroy data. Or they can diminish your productivity and take time to fight and prevent. They usually infect your computer when you open the infected file.
A new threat called phishing is a form of email fraud where someone pretends to be a trusted source like your credit card company. They can do this over the computer or on the telephone. They try to get you divulge private information through very clever words. Be very wary of someone who asks for your social security number or account information on a call generated by them. This is almost always a “phishing” attempt.
The other major threat to your computer is the maladies that can be caught from Web surfing. To display many web pages, your web browser has to execute helper programs in various web languages. They can be ‘active-X, java, or other forms. If not written correctly, they can cause the browser or even the machine to freeze. But much worse is the actual embedding of ‘bad’ code in the good code. Spyware, malware, and Trojans all can be embedded in these small program modules. Each in its own way is capable of recording keystrokes, watching which web sites you visit, sending your critical private or financial data to someone in Russia, or allowing your computer to be used as a point of attack against a third company. All of these can have disastrous consequences on you or the company being attacked.
With all of these threats, there are a myriad of defensive measures that you should apply to your system and your environment. We will discuss them here from the cheapest to the most expensive.
The first line of defense against all of these evils is the PC itself. Before any software is added to a computer, the computer itself can be made resistant to tampering or intrusion. Within the PC is a section of non-volatile memory called the BIOS. The basic control program for the computer is contained here. This program is frequently updated by the machine manufacturer. And some of these updates increase the system’s resistance to unwanted programs. To update this program, you need to go to the support section of the manufacturer’s web site and follow the instructions to download a program which will ‘flash’ your BIOS to the most current version. Often times there are several releases of the BIOS, each one being newer. Use the newest version that is not called a ‘beta’ version (which is essentially an unproven version that is being tested on YOUR machine!). There may be other software drivers on the manufacturer’s web site. You should consider downloading them as well – as long as they are not beta versions.
Your computer can be started and accessed by anyone who can physically touch it, including yourself, your children, and anyone who may happen to steal your computer. You can prevent this by emplacing passwords. They will not stop a determined trespasser, but they may be just enough to make someone give up. There are at least three points where you need to consider passwords. First is a power-on or firmware password. To enable this, you much go into the system setup and enter a firmware password. This will prohibit the operating system from even booting unless the appropriate password is entered. Make sure that you write this and all passwords down and store them in a secure location – not close to your computer. Next, make sure that your operating system requires a password. If it does not, go into the system settings and create a username and password for each authorized user. Finally, make sure that your computer has a password protected screensaver.
The next thing to do to harden your computer defenses is to make sure that your operating system is up to date. All of the Windows operating system (OS) versions are found to have security weaknesses on a regular basis by security researchers and hackers. As these weaknesses are found, Microsoft revises part of the operating system to ‘patch’ the security hole. To update your operating system with these patches, you will have to run ‘Windows Update’ from the Windows Start Menu. Alternately, you can point your browser to the Microsoft web site (www.microsoft.com) and click on the ‘Windows Update’ link on the web page. Once you have started windows update, your computer will download the updates to your operating system. Often you will have to reboot windows for these updates to take effect. While you are on the Windows Web site, click on the ‘Office Update’ link as well. This ensures that vulnerabilities located in the MS Office suite are patched.
Your PC needs to be protected against Viruses and Spyware (including malware and Trojans). Unfortunately, unlike the free updates from Microsoft, these levels of protection must be purchased. Currently the top rated anti-virus software is Symantec Anti-virus. By keeping the virus files updated (by connecting to Symantec on a daily basis) and running anti-virus, your computer will remain virus free. Symantec’s antivirus is a mature product and can be relied upon to do its job well. While Norton has what they call an ‘Internet Security Suite’, this is not the most cost effective or best performing package. One common sense measure to prevent viruses is to never click on or open files that arrive attached to a piece of email – unless you expect it and know what it is. If not, it could be an ‘executable’ file that could immediately go to work destroying your system.
To provide spyware protection, the best defense is to employ ‘Checkpoint integrity client’. This is a form of firewall software. These packages look at the traffic traveling on the network to the computer and stop transfers which it considers in appropriate. It also contains a spyware monitoring package. If it finds the spyware it will try to eliminate it. In comparing the anti-spyware products with the anti-virus software, it is important to realize that this product is not as mature or effective as anti-virus software. Because of this, I recommend a supplemental spyware scanner that is run on a regularly scheduled basis. Spysweeper is the highest rated package in this category. It should not be run in a continuous monitoring mode with the Integrity client running because they will conflict. Instead, it should simply be run on an on-demand basis once a week.
The final thing that a home office user should employ is a router. This is a hardware device which is located between the computer and the internet access point. Most of these routers contain a small firewall and a feature called network address translation (NAT). It essentially hides your home/office network from the internet, making it much more difficult for internet users to see and hack into devices on the home network. If you intend to use a wireless home network, this router should be wireless capable as well. However, one of the key problems with using this device is that it allows anyone within 300 ft to access your network and see the files on your computer. To prevent this from happening, the wireless devices should have 128-bit wireless encryption protocol (WEP) running to keep this network relatively private. Your router and network cards have instructions on how to set this up. Absolutely do not run your router in an open access mode (with no encryption turned on).
This article is not meant to be an all inclusive discussion on computer security. However, it does list the primary areas of concern for security. It also describes the most common and optimal solutions for them. If you have considered and addressed all of the issues mentioned above, you have taken all of the cost effective measures to reduce security vulnerability to reasonably low levels. If you start to have requirements over the basics mentioned above, you should consult a computer specialist to ensure that security is properly emplaced. Designer Principals would be happy to assist you in analyzing your security environment and recommending the necessary steps to secure your automation systems.
