Most people blogging today are giving their opinion on various subjects such as politics, religion, etc. This isn't one of those blogs. This blog is dedicated home PC security for computers running the Windows operating system. While it may get technical, it is not intended for the geek audience. Rather, the focus is intended to communicate important information in a timely manner to the average home user. The blog will reflect my opinions about maintaining security on a home computer based on my experience. You will encounter no end of opinions on the subject, this is just mine.
So here goes...
Internet Protection
Any PC connected to the internet needs to be protected. It takes less than 4 minutes for an unprotected PC connected to the internet to get infected or hacked into. Read about it here. So how do I protect my PC? The first order of business is to make sure Windows is up to date. Microsoft provides free security patches for supported operating systems. Windows 95/98/98SE/ME and Windows NT 4.0 are no longer supported, so if you are running those versions, you are on your own. In addition to applying Windows patches, everyone needs at least 3 applications installed. Beyond that, I discuss other topics related to PC security.
Windows Updates
Microsoft has a checkered past when it comes to releasing updates for its products. I typically wait a couple of weeks and listen for problems before applying them to my PCs. Following the precautions detailed below provides a measure of protection that allows you to wait. In addition to updates for Windows, you should also check for Office updates if you have it installed. Other applications such as Adobe Reader (formerly Acrobat Reader) and media players like iTunes should also be checked.
Antivirus
Anti-virus (AV) software has always been important, but in the internet age is critical. There are many good AV applications you can purchase to prevent virus infections, but commercial AV apps usually require a subscription ($$) for updates. Norton, McAfee, Computer Associates (CA) and other vendors sell good products. But some companies saw that it was impractical to ask individuals to pay for everything they need to protect their PCs and in good faith offer their products at no cost for home use. My favorite is AVG by Grisoft and I use it on my home PC. There are others out there, but I have installed this many times with success.
Firewall
Firewalls prevent unwanted access to your PC from other PCs on your network and the internet. PCs were designed to be open on the network before internet access became so widespread and as a result can be easily broken into. A firewall addresses this vulnerability. Just as with AV software, there are many good commercial firewall applications, some from the same vendors mentioned above. If you are running Windows Vista, it contains a decent firewall application. Make sure it is activated and skip this rest of this section.
If you are running earlier versions of Windows, you can get a basic firewall application for free for home use. My personal choice is ZoneAlarm (ZA). You have to do some searching on their web site for the free version, but it's there. I also have ZA installed on my home PC. There are other good free firewalls on the web, but I have used this one for years and found it to be reliable. Some software firewalls like ZA block incoming and outgoing traffic to your PC, but not all do. Blocking incoming requests prevents infection or takeover of your PC by someone or something on the internet. The reason to block outgoing traffic is to prevent the spread of cyber diseases in case your PC gets infected or to prevent spyware applications from downloading more spyware. Firewalls such as ZA prompt you to grant access to the internet before allowing an application to connect. It takes a while to teach your firewall at first but after some time, your input will be minimal. A good rule of thumb for allowing access is to only grant it when you start an application or request an update for an application. Applications that randomly ask for access could be a virus, worm or spyware and should be reviewed closely before granting access.
You can also purchase a hardware firewall if you have a broadband connection (cable or DSL modem). A hardware firewall sits between your modem and PC and blocks all incoming traffic unless you allow it. Most residential hardware firewalls are built into routers that you can purchase at any computer or office store. Just make sure the box says it includes a firewall. The advantage of hardware firewalls is that they are much harder to defeat. Any software application can be defeated including the ones mentioned in this newsletter. I recommend having both hardware and software firewalls, but you can get by with just a software firewall.
NOTE: Be careful about having more than one firewall application installed on a PC. Multiple software firewalls just create a troubleshooting nightmare. Windows XP includes a minimal firewall which I don't recommend, so if you install ZA or another firewall, disable the Windows Firewall. Internet security suites by AV vendors also include a firewall application.
Anti-Spyware
The most recent and prevalent problem these days is spyware that is installed on your PC without your knowledge. Nobody likes free software more than I do, but many freeware applications contain spyware. Spyware can do things as simple as replacing your default home page or as malicious as sending your every keystroke over the internet! Care to send your financial information to the Russian mob? No, I didn't think so. Got a new toolbar in your browser that you didn't install? Find yourself in pop-up purgatory? Chances are spyware has been installed. You can get infected with spyware from legitimate web sites. This has exacerbated an already epidemic problem. If that is not enough, even some applications marketed as spyware removers simply install their own spyware!
OK, what do you do about it? If you are running Windows Vista, it comes with Windows Defender which is an anti-spyware (M$ calls it mal-ware) application. The problem with Windows Defender is that Microsoft adjusts their definition of spyware to suit their product marketing needs. So I'd prefer an impartial product that treats all vendors the same.
I use an application named Spybot Search & Destroy. This application is free to use on home PCs. It is updated regularly and contains an immunization feature to prevent future infections of known spyware, so you don't have to constantly scan your PC. But I scan every day anyway. You can schedule it to update itself and scan your PC on a regular basis. In order to keep freeware free, you should always donate to the writer and the Spybot site provides this option. Another company is now marketing a commercial version of Spybot, so if you use at a business, you need to purchase licenses.
Another popular application is Ad-Aware SE Personal Edition. This is an excellent application that is free for home use only. Businesses, educational and charitable organizations must purchase a license for each PC to legally use it. You can’t schedule the free version of Ad-Aware.
NOTE: Removing some spyware using these tools may cause certain applications to stop working. Applications that have spyware bundled with them typically deactivate when the spyware is removed.
Internet Security Suites
There are internet security suites available that provide anti-virus, anti-spyware, firewall and pop-up blockers in a single product. While this may seem like an easy solution, it doesn't seem to be the best solution. I have never used security suites, but there is a lot of bad press on them and I can understand why. Typically a vendor makes a name for themselves on a single product like Symantec (Norton) and McAfee did with their anti-virus products. Once they are a success, the vendor tries to expand their product line using the brand name to create sales. The expansion products are rarely as good as the original product, so I tend to stick with single products from each vendor. I'm not saying you should never purchase a suite, but research them before making a decision. Also, I can always find single freeware applications that do a good enough job without spending my money!
That's it. My first blog. There's lots more to say on the subject, so I'll post more soon.
No comments:
Post a Comment