XML FeedsIT Security
What you need to know about Computer IT Security
Three Points to Remember about IT Security:-
i. Never be too complacent (Always be on guard and always take reasonable steps to keep your system and the information on it secure).
ii. No Security is ever 100% effective (Use a range of tools/methods for protection; but not more than one anti-virus program)
iii. Always be Diligent (Always be on the look out for weaknesses in your defence and defences that have been compromised)
Three Aims of Good IT Security:-
i. Integrity – Ensuring reliable data e.g. that the system or data hasn’t been compromised by a hacker, virus or computer bug causing data to be altered, corrupted or lost.
ii. Confidentiality – Protecting your passwords, personal details, bank details etc. from hackers, Trojans and other viruses.
iii. Availability – Maintaining correct access to your system and data e.g. by protecting against malicious actions from hackers and viruses; and by keeping full and proper back-ups in the event of a system or software failure etc.
IT Security – Overall Protection
No anti-virus program can give you 100% protection and as no single defence can give full protection. Therefore to better ensure ‘Integrity’, Confidentiality’ and ‘Availability’ you really need to install several security systems to work together and follow some ‘best practice’ for security; as listed below, in order of importance with a brief description: -
i. Anti-virus software – protection against viruses including Trojans and worms etc.
ii. Other Security software - protection against malicious programs e.g. malware, spyware etc.
iii. Web Security – keep safe online.
iv. Passwords – use Strong Passwords for better protection
v. Email Protection – protection against worms and other viruses
vi. Firewall – help to keep hackers out
vii. Router – help to keep hackers out.
viii. Disk Management – regular backups, Windows updates, drivers’ updates and disk cleanup e.g. deleting temporary files, defragging hard drives etc.
1. Anti-virus software – This is the most important security tool and shouldn’t be skimped on by using a free version. Yes some free versions like AVG are quite good and do give a reasonable level of security but the risks to your system becoming compromised by hackers and viruses are far higher than if you pay for anti-virus protection.
Not only should you buy your anti-virus software, rather than use a free version, but for maximum protection you should buy it as part of a security suite of other security programs (rather than just on its own); these days anti-virus programs are usually sold as a suite anyway. For example AVG’s Anti-Virus suite of programs includes the following: -
a. Anti-Virus (protects against viruses, worms, Trojans)
b. Anti-Spyware (protects against spyware, adware and other malicious programs)
c. Link Scanner (blocks dangerous websites and checks links on most popular search engines for threats)
d. Resident Shield (background scanning all files you work with)
e. E-mail Scanner (scans incoming and outgoing mail)
f. Update Manager (automatic anti-virus updates)
g. Online Shield (checks traffic for possible threats and disallows dangerous connections)
h. Anti-Rootkit (search for rootkits hidden in the operating system)
i. PC Analyzer (identify and fix issues associated with registry errors, junk files, fragmentation errors and broken shortcuts) and
j. Identity Protection (proactive identity theft protection and privacy-related security)
Which suite of anti-virus programs should you buy? I don’t have any specific recommendations, I can only comment on my own experience and my observations of other people experiences. Prior to switching to 64bit Windows I happily used ZoneAlarm for many years, the anti-virus software suit included an excellent firewall, and it gave me excellent protection. I’ve since been using the AVG suite and have that to also give excellent protection. From what I’ve seen I understand that Sophos is also a good package. The only commercial program I’ve come across that has constantly let users down is Norton anti-virus; I’ve repaired more infected systems for friends who were using Norton’s than for friends using other antivirus software; and once they’ve switched to another system (in most cases) they’ve had fewer security breaches!
Getting regular updates (downloads should be automatic) is critical for continued protection as new viruses emerge daily. So, do periodically check that your antivirus program hasn’t been compromised and that it is still regularly updating.
Also, don’t install more than one antivirus program on your system (and that includes Windows Defender) as they will compete against each other which at best will slow your system down and at worst will cause Windows to lock or applications to freeze etc. So if you buy any antivirus software and you have ‘Windows Defender’ as part of your Operating System then turn Windows Defender off before installing the antivirus software.
You may have your own experiences or preference that you wish to share with us.
2. Other Security software – Antivirus programs on their own don’t give comprehensive protection, they protect against standard viruses such as worms and Trojans but they don’t protect against spyware, malware or other malicious programs. For these you need separate security programs such as Ad-Ware (which is a free download) or more commonly these days a suite of security programs that come bundled with your anti-virus software when you buy a licence (see above).
3. Web Security – There are a multitude of ways your system can become compromised by viruses and Trojans from pop-ups and ActiveX code on websites or by clicking on web-links either from a search engine, website or email; be web-wise and surf with care. Use the latest browser version don’t accept ActiveX on websites you don’t know, be careful what you click on and don’t click on pop-ups to close them unless you’re confident that it’s safe do so.
Firefox is safer than Internet Explorer (IE) although I still use IE with confidence as my anti-virus software suite includes ‘Link Scanner’ which is quite effective at blocking dangerous websites and checks links on Google Search for threats; it displays a green tick against a link in Google if it thinks it’s safe and a red cross it it’s not; which provides an immediate and very clear indication of potentially dangerous sites to avoid.
Also when entering a secure webpage e.g. to make a credit card payment check that the web address starts with https:// e.g. an ‘s’ at the end of http and that there is a close padlock in the corner of the screen; it’s not foolproof as secure sites can be spoofed but it can give some level of reassurance.
4. Passwords – No password is 100% secure, once hackers get into your system either via a Trojan or port scan etc. they can hack your passwords in seconds with software or get them via a key-logger virus; this you can only protect against by keeping hackers out in the first place. However, if your passwords are weak they can be guessed easily anyway without a hacker having to compromise your system. Weak passwords are using simple words; especially words associated with you e.g. your name, birth place, maiden name etc. For a password to be stronger it should be at least 8 letters long and consist of a mixture of letters and numbers and include a mix of upper and lower case letters; however to make them easier for you to remember you can substitute letters for similar looking numbers e.g. 1 instead of I or 3 instead of E etc. for example tiptoe as a weak password can be made much stronger by making it T1pto3.
Also, other don’t are; don’t use the same password for everything, don’t tell people what your passwords are, don’t store them on your computer, and if you write them down lock them away when not in use.
5. Email Protection – Incoming emails can carry viruses (worms & Trojans) and if your system is already infected your mailbox can be used to spread infected emails to others (in your address book) without your knowledge. A Good ISP (Internet Service Provider) will filter your emails before they reach you. However, spam will get through and some of those spam emails will carry viruses or malicious links that if clicked will infect your system.
Some anti-virus software suites include various forms of email protection. However, whether you use other detection and protection security software or not I recommend Mailwasher as the first line of defence. It can be downloaded as a free program, easy to install and use and it provides very effective protection, or if you wish to support the developer’s of Mailwasher you can buy a ‘once only’ life time licence for Mailwasher Pro which entitles you to free upgrades to future releases. There is little difference between Mailwasher and Mailwasher Pro other than the latter provides financial support for the developers to further develop the product.
Mailwasher is effective because it downloads the headers only, and not the whole email, from the server allowing you to easily and clearly see who each email is from, what the subject matter is and the first few lines of text. You then decide which emails you want and download those only; the remainder are trashed. Mailwasher also learns by example and quickly becomes good at recommending which emails you may not want.
6. Firewalls – Firewalls adds to your security by closing many of the unused ports making it more difficult for hackers to get in, and in some cases can put you in ‘stealth’ mode e.g. make you invisible on the Internet so that hackers can’t see you. Without getting too technical traffic is routed around the Internet through routers and it’s done efficiently because routers frequently talk to each other so that each router knows where its neighbouring routers are and who they are connected to so when it gets a packet (of data) to route it knows the best route to send it. Normally, when you’re computer is connected to the Internet neighbouring routers will ping it e.g. to say “are you still there?” and in reply your computer will say “yes I’m still here”. However, when in stealth mode your computer doesn’t respond to these ‘status requests’ and therefore neighbour routers (thinking you’re no longer online) will flag you up as being off line, thus making you invisible on the Internet.
In the early days of computer the Windows firewall wasn’t very strong so for a secure firewall protection it was essential to install a firewall from a third party e.g. ZoneAlarm who provides a good ‘free’ firewall or an even better one if you pay for it. These days the latest OS systems, Windows Vista and Windows 7 do provide quite good firewall protection.
As with anti-virus software two or more firewalls on the same OS system can conflict with each other, however, using external devices with firewalls (such as routers) can provide additional layers of protection.
7. Router – Even if you have only one computer (or laptop) I recommend buying a Router simply because it provides an additional, and effective, layer of security. Routers have an onboard, albeit basic but effective, firewall that makes it harder for hackers as they first have to break through the Router to get to your system on the other side e.g. the router provides its own MAC (Media Access Control) address to the Internet and hides your computer’s real MAC address from the world. For example if you have three PCs and a laptop all connected to the Internet (each with their own unique MAC address) via a four port Router the outside world will only see the MAC address of the Router giving the impression that only one PC or laptop is connected; but any incoming traffic from the world wide web will be routed by the Router to the correct PC or laptop.
A four port Router at only about £50 is a good investment and these days easy to setup; but when buying one you must ensure you buy the correct type compatible with your network and Internet type e.g. an ADSL modem if with BT or a Cable modem for Virgin Media customers.
Routers these days are wireless but usually they also include four ports for hardwire connections as an alternative; but do ensure these ports are RJ45 and not USB as USB are not as good. Wireless connections are less secure and if the wireless option is used you do need to ensure all ports are secure (about half of the population in the UK use unsecured wireless on their Routers allowing anyone in the neighbourhood access to the Internet via their connection and/or potential access to their system).
For added security I would however recommend, if possible, to switch off the wireless option in the Router and use hard wire connections only; I’ve cabled most rooms in our house with RJ45 ports specifically to keep our home network hard wired and thus more secure.
One last warning, if you use a Router, change the default Administrator password; all too often people don’t do this and for older models in particular anyone (including hackers) can look up the default passwords from the manufacturers websites.
8. Disk Management – Deleting cookies, temporary files and temporary Internet files, and defragging your hard drive etc. should be done routinely to maintain a high level of performance. Vista and Windows 7 does a lot of these tasks automatically for your (to a fashion) and if your system needs a good clean-up you can buy additional tools e.g. Registry Mechanic etc. but be careful where you buy them, many programs available to download from the Internet (free or available for a fee) that pretend to be maintenance or security tools actually Trojans.
To improve security and Integrity of your system ensure you get the latest updates from Windows (released monthly) and that all your software and device drivers are up-to-date.
Finally, regular backups of your most important data (documents, images, videos and music etc.) is critical; hard drives and systems to fail, either through a fault or from malicious viruses. How you backup is up to you but whatever method you adopt backup regularly and don’t assume that everything is safe just because it’s backed up as the media you’ve backed up on can also become damaged. Therefore, if you back up once, then backup twice and backup three times; using different media if you wish, stored in different locations. One option is the son, father and grandfather method which in its simple form is three DVDs, external hard drives or memory sticks etc. e.g. on the first month you backup to your first memory stick, the second month you backup to a second memory stick and in the third month a third memory stick. Then in the fourth month you overwrite the first memory stick with your latest backup, and so on.
If you wish to learn more about IT Security on line visit Get Safe Online at:-
