Computer Security PDF Print E-mail

by Clay Cushman – Lead Technician

Computer security is a hot topic these days, especially with the proliferation of identity theft and online fraud. Criminals are constantly devising clever ways to fool computer users into handing over their information—making it harder for the end user to tell if their online transactions are legitimate. Here are a few steps to take to make sure your computer is secure against some of the most common security threats facing the casual user today.

Firewall

Most people do not know how a firewall works or what it is for; they just know that they need one. The inner workings of a firewall aren’t important in this article, but the basic job of a firewall is to keep other people from accessing your computer. This is essential for computers that are directly connected to the internet, as are most home users.

 

Microsoft Windows XP, Microsoft Windows Vista, and Windows 7 have built-in firewalls that provide very basic protection, and for most casual users this can be enough. However, there are still security vulnerabilities that can get through the Windows firewall very easily. Most internet broadband routers (or Ethernet routers) come with a very basic firewall that can help protect you from outside intrusions. A combination of the Microsoft firewall and a router with a built-in firewall can be enough for casual day to day use.

There is a word of warning with firewalls, however: depending on the level of security you wish to implement, certain applications that rely on the internet or network (email, peer to peer file sharing, online games, etc) can be adversely affected by an over-protective firewall.

Anti-virus

Having an up-to-date antivirus system installed is a must when working on the internet. A security suite, such as Norton Internet Security or similar product has an added level of security that will stave off most malicious attempts. There are several modern Spyware infections that have the ability to steal credit card numbers and other personal information if your computer is infected. If you suspect your computer has a Spyware or other malicious software infection, contact a computer professional before attempting any online shopping or other sensitive transactions over the internet.

File Sharing

File sharing is a very popular day-to-day activity on the internet. Many users will set up file sharing software to share music, videos, and other data, but may not realize that file sharing can put you at risk for information theft. Many file-sharing programs will ask you to “share” certain folders by default, and some might not be clear on what kinds of files will be shared, or how the layers of folders on your system are shared out to others. There have been several cases of people sharing out documents with important or private information without realizing it. Always pay attention to what folders are being shared, and you might want to consider isolating all of your important data from your sharing / downloading activities.

Phishing

Phishing is a more recent form of fraud on the internet, and it has raised several concerns because it is a form of fraud that is hard for the average user to detect. Phishing will usually start when the user gets an e-mail designed to fool the user into clicking on a link contained within. Most phishing e-mails will look like an official e-mail from a bank or other institution, and will entice the user by stating that there is a problem with an account, or that a large deposit has been made, and so on. When the user clicks on the link, they will be taken to a phishing site. Phishing sites imitate bank websites, credit card websites, eBay, and other popular commerce websites, in order to fool the user into entering their user name and password. Once the operator of the phishing site gains the user name and password, they will log into the real site and steal money, make illicit purchases, or even steal your identity.

There are several tools out there that aid in detecting phishing sites, and most are very effective. The most effective tool, however, is common sense. If you receive an e-mail that seems too good to be true, or you haven’t made any online transactions or recent large purchases, approach the situation with caution. If you get an e-mail that seems suspicious and you are unsure if it is legitimate, one option is to call the institution that sent you the e-mail and talk to someone to verify the information. Most major financial companies will never ask users for internet user names or passwords over the phone, and they should be able to help you with standard identification techniques.

Computer Security

Everything mentioned so far will help protect your information while online, but what if someone steals your actual computer? Or you lose it and someone finds it and decides to keep it? There are several options that can help protect your private information in the case of a theft or accidental loss.

Windows passwords are convenient and easy to set up, but unbeknownst to most users Windows passwords can be easily defeated by a seasoned cyber-criminal. The same holds true for system or “BIOS” passwords. The use of such passwords is still highly recommended, but in the long run they are not an end-all protection against theft. The best thing to do to ensure your data is kept safe is to use encryption and use a strong password for that encryption.

Microsoft Windows XP Professional has built-in encryption that is easy to set up and can be difficult to defeat. For a more advanced solution, Microsoft Windows Vista Enterprise Edition as well as the Enterprise versions of Windows 7 offer a higher level of encryption called “Bitlocker Drive Encryption.” While these encryption methods could theoretically be broken, most thieves will not expend the amount of time and energy needed to do such a thing.

It is also a good idea to keep separate backups of your most essential data in case the unthinkable does happen.