The
Cornerstones of a Secure PC
If
you don’t have it or if it isn’t up to date or
if it’s not running, your computer operating
system, your applications and data are
susceptible to infection from very malicious
viruses, Trojan Horses and Worms. In many cases
no data is destroyed but your machine has slowed
to a snail’s-pace or is just too slow to be
usable.
The consequences of a virus infection are costly
and time-consuming. Restoration of full
operational capability after a serious virus
infection takes significant time, time that is
now not available to you to do your work.
The best advice here is
to prevent
infection. This
starts with the installation and activation of
an anti-virus program. (my personal and
professional favorite is
CA EZ-trust Antivirus)
Your anti-virus program will provide real-time
protection for incoming viruses via email, web
activities or file transfers.
Your Virus Signature Files must be updated often
and automatically
But its protection is only as good as the last
time you updated the virus protection software.
The critical component of the software is the
virus signature file which is updated almost
daily by all of the major vendors of anti-virus
programs. It is used to tell your anti-virus
software what virus forms it should look for. If
your signature file is not current, you are
susceptible to infection from new virus forms.
Most anti-virus software producers provide an
automated way for updating your software and its
signature files. With the purchase of your
software you typically get one (1) years worth
of updates and signature downloads. There after
you need to purchase additional subscription
time.
This is one of the main problems our agents are
encountering. They are getting infections
because their subscriptions have lapsed (in many
instances by many, many months) and the
automatic downloads are failing.
In other instances most agents I know never
bother to check their anti-virus download logs
to see if automated updating is actually taking
place. A simple check of the date of your
anti-virus software signature file will also
tell the tale. If it’s more than a few days old
it’s probably out of date and not being
updated.
Set-up an automated full scan schedule
Even if your signature files are up to date
there is potential that a new virus may have
made it to your system in between signature file
updates. This is why you should schedule a full
virus scan of your system at least once a month
if not more often. The anti-virus programs
provide a facility for establishing and running
an automated schedule. All that is required
after setting it up is that periodically you
again check results logs to see if everything is
okay
Operating System
Updates
Let Windows do the automated updates of the
operating system and major MS Office
applications
Because the omni-presence of Microsoft’s Windows
Operating System in today’s world, it has become
a favorite target for hackers, both good and
bad. These hackers find inconsistencies and
vulnerabilities in the way Internet Explorer and
other web-facing applications work in a Windows
environment and then develop attacks to exploit
vulnerabilities. These exploits could be
harmless but most often they are malicious and
destructive. Microsoft Corporation’s security
staff issues Operating System updates to close
these vulnerabilities and/or negate the exploits
ability to execute
With the advent of Windows 2000 and now Win XP
the process of automatically obtaining and
installing Operating System updates is super
easy and something everyone should know about
and do.
Just go to your start menu, select control
panel, select the automatic updates Icon. Do
select automatic download daily. Select a time
when you know your machine will typically be on
and you may not be actively using it. Downloads
may require a reboot. But you are under control
as to when these take place.
By doing this simple task you can significantly
enhance your system’s ability to defend against
these exploits.
SPYWARE
Who’s Watching?
Oiye, if computing wasn’t difficult enough with
viruses and spam and other good stuff, along
comes SPYWARE. Spyware items are typically some
type of tracking mechanism that allows the
issuer of the spyware to gain access to
information on your system. This can take the
form of information capturing cookies. Keystroke
capture and worse. They sometimes present
themselves in the form of pop-up advertising.
But in all cases they have planted themselves in
your system, most times without ever letting you
know they have.
Unfortunately there is no one good all-inclusive
solution to spyware or Adware. There is no
single product that is 100% effective against
all spyware. Our solution to this is to use two
or more products which provide overlapping
protection. Yes it is tedious and a little time
consuming but once set-up the solution provides
a very high degree of protection from these
intrusions.
Install Spy
Sweeper 3.5 by Webroot
There is a one month no-cost trial version you
can use to see if it is for you. According to
recent PC Mag testing it provides the highest
state of protection against most spyware
products.
Install Spybot, Search and
Destroy.
This free download (donations are solicited)
provides the secondary level of protection,
finding items that may have been missed Spy
Sweeper.
Please bear in mind that as in the anti-virus
and operating system, updates are required to
these programs to ensure that the latest
exploits are being looked for. Both these
programs support automated updating of software
and signature files
Intrusion Protection
Who’s knocking at my PC’s front door?
If your pc is connected to the internet, there
is high potential that someone out there will
discover this fact and come knocking at your
PC’s front door. It will be an automated knock
from some distant remote computer (maybe someone
just like you who had his machine infiltrated.)
And if they do come a knocking and you
unsuspectingly open the door to them and you are
not protected by some personal or other type of
Intrusion Protection then you machine faces the
prospect of being attacked, penetrated and
taken-over. Oh did I tell you, you might not
even know its happening.
Any time you connect to the internet there will
be both legitimate and many illegitimate
attempts to identify open channels of
communication used between conversing systems.
They usually called ports. All too often initial
security and system set-ups leave many of these
ports open to intrusion. If access to your
system is gained thru these ports significant
damage can be done. In many cases your system,
unbeknownst to you, is now being used as a relay
for other machines or is being used to detect
other systems that might be vulnerable.
There are only two viable ways to protect your
system from these intrusions.
Never hook up to the internet.
No way of getting taken over then, I guess this
might not work for you.
Use a Firewall Product
There are many
excellent personal firewall products on the
market. Windows XP Service Pack 2 offers a basic
one which will provide modest levels of
protection. But if you have a broadband
connection and spend significant time online
then you need something stronger. Zone Labs
offer a free firewall product (as well as higher
level products) called
Zone Alarm.
This free download provides excellent levels of
intrusion protection at a price that cannot be
beat. And it provides an update path to its
higher level products such as ZoneAlarm Pro and
their new product Zone Alarm Security Suite.
I’d check them all out before deciding upon one.