Before you begin reading this article, there is something that it is critical to understand. Simply put, there is no such thing as a completely secure web browser or operating system. While any of the major security suites and associated products will greatly reduce your exposure to security risks, they are not silver bullets that will stop everything that may come your way. Any product that claims to eliminate 100 percent of your security risks should be looked at very carefully.
Now that we have the ground rule out of the way, let’s consider security suites and computer security. There are a variety of means by which the security of a computer can be breached. Among the most common threats are crackers, phishing, Trojans, viruses, and worms. Potential security risks can also be introduced through spyware, malware, or email attachments, and something called port scanning.
Dshield.org, a Florida-based non-profit company, provides “platform for users of firewalls to share intrusion information”. What they do is work with software vendors to allow for a common reporting platform of port scanning activity detected by software. Port scanning is when software scans another computer system looking for open ports to connect to. Port scanning is often a prelude to other types of attacks, and is used by many viruses and worms to propagate themselves.
Among the more interesting items reported by DShield is the “survival time”. What this means is how long an unpatched computer will be able to “survive” online before being attacked. Over the course of the past year, the survival time for an unpatched Windows system is approximately 100 minutes. If you have an unpatched Windows system, you can expect it to be attacked in about an hour an a half. Clearly, you need to take matters into your own hands to protect the security of your computer systems.
There are some simple steps you can take to quickly and easily protect your computer.
1. Never run unfamiliar programs on your computer. While it may seem to be common sense, many of the most widely-spread attacks have involved spyware and email attachment worms. The rule is simple: Don’t open the attachment if you don’t recognize the sender.
2. Never allow others to have unmoderated physical access to your computer. If you have sensitive or confidential information on your computer, if you allow others physical access to the system, they may either inadvertently or intentionally breach the security of the computer.
3. Always use strong passwords. Be sure none of your passwords are easy to guess. Many people use the names of pets or children, or anniversaries or birthdays. Given how many passwords seem to be needed, another common mistake is for someone to use the same password for everything from their picture-sharing website to their online brokerage. By using only one password, if one system is compromised, all systems you have access to can be compromised. Also, if you absolutely must write your password down, never leave it attached to the computer. I recently saw the proprietor of a small business peering under her keyboard to login to her computer.
4. Be sure to keep your operating system and all installed applications up to current patch levels. Most security experts share the opinion that almost all network-based security attacks would stop if users kept their computers up to date with patches and current security fixes. Almost all of us forget to do this regularly. New Trojans, worms, and viruses are being distributed and created every day. Almost all of them are trying to exploit newly-discovered weaknesses in operating systems and applications.
5. Backup backup backup! It can’t be said enough that it is vitally important to keep regular backups of any and all important data. Even if your system is kept secure from worms, viruses, and Trojans, it is still vulnerable to fire, theft, flooding, hardware failure, and any number of other things that can destroy your most valuable data. Given the ease and availability of CD and DVD burners, there are no excuses for not keeping your data backed up.