Does anyone else find it hard to pick up work after vacationing? Having completed a weeks worth of vacation I am back to the grind….well….sort of.
I am using this day to read up on new stories and technologies for new content on the site. Please bare with me while I compose myself and get my head out of the vacation cloud. Of course this is not easily done…
As you can see from the last post we are now taking posted questions to better serve our users. As well I would like to add if there is a new technology or concern you would like for me to address please post a comment to this blog. I would be happy to research and address topics for our users.
After all….It is you the end user for which we create the content.
When you purchase a new computer and install it out of the box you hunger to get operational and active.
What you don’t know about security can be your downfall.
In today’s computing environment including but not limited to Internet browsing you must consider security measures to protect your data and your computer.
Vulnerabilities can include email, communication ports, wireless networking, spy ware, viruses, and securing the computer from local access.
We will review each in detail in this series. This article is designed to help protect you and your computer in hopes your computing experience will be a more pleasurable and safer one.
As a rule when dealing with incoming email regardless of what email client you use you should generally never open an email if you do not know the party the email was generated from.
Your email client should be set to prevent attachments from being displayed or opened unless confirmed by you. Attachments can be set as executable and malicious software can be installed on your local machine.
A good way to prevent some of these entities is to have in place a good Spam blocking utility. Spam blockers can detect most types of spam that are used to either gain entry or used in phishing scams. You may ask yourself: What is phishing? Phishing is a practice used to gain information you may not consider valuable. In many cases this information can be used by the entity to obtain more valuable information about you for the purposes applying for loans, credit cards and other financial gains in your name.
Another practice to keep is anytime you use your email client you should not send valuable information such as drivers license numbers, user names or passwords for accounts(of any type). One practice that is widely used by scammers is to send an email that looks as though it is from a financial institution requesting that you update your account information. Once the information is sent you have now granted them access to the proposed account.
Setting rules to your email client can help prevent these as well. Rules are a way for your email client to detect certain words, domains or email addresses in the email and a subsequent action being taken by the email client such as deleting it automatically. Rules must be configured manually by the user for each email account. The configuration must be monitored and adjusted accordingly as tactics constantly change.
2. Internet communication ports
There is no basic way for you as a computer user to know which ports are open and dangerous on your computer. In order for you to protect yourself from these types of entry you will need to implement a firewall whether it be a hardware or software firewall. When using a firewall: remember they require constant monitoring and configuration.
Firewalls are only configured for basic prevention out of the box. Unless you purchase a monitored firewall software that receives frequent updates and rules. You must constantly stay updated on what ports are being used by hackers, viruses and other malicious code.
One of the easiest ways to keep your computer safe from entry is to use the Windows automatic update feature. Microsoft is constantly patching and reconfiguring the Windows operating system to block vulnerabilities. You must insure your Windows version is set either to automatically retrieve these updates or you need to check the Microsoft update site at least once every two weeks to insure your version is up to date. Remember if you reinstall Windows for any reason all past updates received will need to be reapplied.
You can check your version of Windows to insure you are receiving automatic updates by opening the control panel. Select the system icon and double click the icon. Select the automatic updates tab and review your current settings. If you have scheduled your system for automatic updates and installation make sure you set this action for an appropriate date and time your computer will be in use.
3. Wireless networking
Wireless networks are considerably vulnerable to entry. If not configured properly your wireless network can be used to obtain information and gain access to your local computer.
When configuring your wireless router or access point the easiest thing to do is to disable SSID broadcast. This prevents other wireless network cards from detecting its presents.
You should always change the default user name, password and SSID set by the manufacturer on your wireless unit. The default information is shared by other hardware produced by the manufacturer. This is an easy way to gain access if the information is not altered.
Use encryption on your wireless unit. This may look a little scary and prevent you from configuring your encryption as manufacturers use many acronyms to describe each security encryption type. There are several encryption types available for use. No one encryption type is 100% secure, but in conjunction with other security measures they can be used to maintain a formidable security policy. Just remember when configuring your wireless device that manufacturers publish extensive how to articles on their website for your review. As well when you purchase new hardware the user typically receives an allotted time of free support. Whether this is done through the internet or phone support the manufacturer will be willing to provide their customers the appropriate support for configuration.
Note: This should be considered and verified when selecting wireless hardware and before purchasing new hardware.
Mac filtering is a very secure way of preventing access to your wireless network. Mac address filtering pertains to the MAC address of your wireless card. Every network card has a physical address and every address is unique. Designating which MAC addresses can connect to your device prevents all others from obtaining access. The MAC address of your network card is printed on the device and may be named as “Physical address”. If you cannot find the address you may as well open the control panel and choose network connections. Right click the wireless device and select the status button. On the opened status window select the support tab and the MAC or physical address is listed.
Another security technique used is to disable the DHCP functionality or your wireless device and assign static IP addresses to each computer that will connect through wireless. This will prevent your wireless device from assigning an IP address to unknown devices.
Note: Your wireless access point may not have DHCP capabilities.
When configuring your wireless network there is an option to add a computer to the “DMZ”. The DMZ is known as the de militarized zone and leaves the specified computer unprotected (This true for all router devices). You should never use this option. If you need a particular port open to run web based software or gaming software you should contact the manufacturer of the software for the specified port and then open only that specified port if your software is not functioning properly.
Anytime your computers are not being used they have no need for Wireless capabilities. You should disconnect the wireless units power. Access cannot be obtained when the device is powered off.
4. Spyware or adware
Spyware software was originally used to track habits of Internet browsing for the purpose of aiding companies in delivering more attractive ways of driving traffic to their websites.
In more recent times this software is used for delivering pop up advertisements, tracking your movements and can be used to deliver other more harmful types of software such as viruses. These types of software are common and typically delivered as tracking cookies.
There are many sites that use more harmful types. Typically these sites offer free entry and use of their software for on line gaming or other purposes. A good practice is to avoid these types of sites and advertisements.
You should add a good spyware scan utility to your arsenal which will help maintain your security. When selecting a spy ware scan utility insure your purchase includes automatic updates of the program and definition files as well as a scheduling feature. Having the ability to schedule scans and updates will help keep user maintenance to a minimum.
The best practice would be to have a couple of lines of defense here. In my experience no one single utility has been able to identify every type of spy ware or ad ware infection. I would recommend using a free spy ware utility in conjunction with your purchased software. You should scan your system for spy ware at least once every week (dependent upon your Internet activity habits you may require more or less frequent scans).
Most don’t realize how vulnerable they are to viruses. If you own a PC you should own good virus protection software. Not only own a good software title but as well the software must be maintained through updates. Most manufacturers publish updates to their virus detection database weekly. If you own virus protection software it is a must to configure automatic updates on a weekly basis. The manufacturer of your software can provide you with the date of published updates in order for to configure the date and time of your automatic update.
Setting a full system scan is very important. You should scan your PC every time an update is made available. If you decide to configure scheduled scans it should coincide with the date the published update is made available and after the update is applied. As well you should designate exactly what to scan and what not to scan. Make sure when designating what to scan if you use external drives or partitioned drives that they are included in the scan.
When purchasing your virus protection a few things need to be considered before deciding which title to buy.
1. Does it have email protection?
2. Does it protect your instant messaging software from allowing infection?
3. Does it have spyware detection capabilities?
4. Does it block against internet worm viruses?
If the virus software you are considering does not protect against of these types of infection move to another title for consideration.
Remember: Virus software licenses are typically good for one year from the date of purchase. You must renew your license in order to receive further updates and maintain protection.
6. Securing the local Computer from being accessed
The first thing to consider is implementing an account password. Most people use passwords that can be easily remembered such as a birth date. If it’s easy for you to remember it may be easily guessed by another user. Passwords should be at least eight characters and should include upper, lowercase letters as well as numbers. Implementing this strategy will prevent most software titles that can be run to obtain your passwords from completing this action easily. You should frequently change passwords as well. Not just your user account password on the local machine but as well you should alternate passwords to secure websites or passwords for internet accounts.
Your computer can be accessed easily if you walk away for even a moment. If your PC is accessible by other users you should configure a screensaver password with the same guide lines as the password for your user account. This can be easily done by opening the control panel and choosing the display icon. On the screen saver tab select the item that states “on resume, display log on screen” or “require password”. Set the wait time for one minute and select apply. This will activate your screen saver after your computer is idle for one minute. The screen saver will only activate if the computer is idle or has no activity for one minute.
The same guidelines that apply for powering down your wireless unit when not in use apply to the local machine as well.
If you decide to document your passwords for accounts (of any type) this documentation should be kept in a secure location.
When considering these guidelines you must remember: Computers, security techniques and practices evolve constantly just as the strategies of intrusion do. It is a priority that you maintain your knowledge of prevention to keep your data and computer operating system safe.
With everything you have to stay on top of to maintain computer performance and security here is one more. Anytime you update system software or third party software it can impact how your hardware performs.To maintain peak performance you as well needto update your hardware drivers. This is necessary due to changes made in either system or third party software.
Microsoft and other software vendors design their software to work in specific conditions. These conditions are set by the latest hardware available and how it relates to software functionality.When you update these types of software your hardware may not work optimally or you may experience a failure of the device or software.
Just as you update Windows or any other software you should maintain the latest version of your device drivers. Here is the easiest way to keep drivers updated. If you own an OEM computer such as a Dell, Gateway, HP, Compaq or Toshiba you should visit their support pages to obtain the latest version of software and drivers for the devices installed on your computer. These updates will be listed by published date. Be sure to follow any specific installation
instructions provided by the manufacturer.
If you do not own an OEM machine or if it was built by your local computer store then review your hardware documentation. Your receipt should list the installed components. Once you have the list of devices you can search each manufacturers website for the drivers and software individually. Be sure to follow any recommendations or directions
provided by any hardware or software manufacturer when updating device drivers.
Updates to device drivers are not published as frequently as other software updates so you should check periodically for updates. Manufacturers usually publish driver updates every few months as a general schedule.
Over time the “registry” in which Windows and other applications store information can begin to hold data that is no longer valid. Such information links to a location where there was a file or program, but the file has been moved or the program uninstalled.
Often such invalid links occur because uninstalled programs do not completely remove their registry entries. Whether the uninstall process fails or the uninstaller does not correctly remove all the entries. This can occur due to programs not being correctly uninstalled by the user or a user views a file attached to an email without saving them to disk first, or applications have been relocated without uninstalling and reinstalling them. A registry cleaner utility can come in handy to make this easy.
This invalid data eventually begins to clutter the system registry, slowing Windows down and causing other possible problems.
The Windows registry is simply a database which contains information on the Windows operating system and third party applications. This information is read at start up and includes system variables which tell Windows exactly how to operate. If this information is corrupted you will notice performance issues and can experience system error messages such as but not limited to runtime, script and start up errors.
It is recommended to perform routine maintenance to the Windows registry to maintain optimal performance. There are many products which can aid in the maintenance of the Windows registry. These utilities will aid in grooming the registry. This can be particularly helpful if you are not a certified technician. Even Microsoft states when editing the registry that making an error while editing it can disable your Windows operating system. Running such programs at least twice a month is recommended. If you routinely make changes to your system a more frequent schedule is recommended.
There are several registry cleaners on the market but only one that guarantees their software will fix your computer problems or their tech support will as long as your membership is valid.
I do recommended reviewing any Microsoft documentation on the Windows registry for your particular operating system version if you plan to manually edit any entries. These articles can be informative and give a better understanding of how the registry works. For information on your particular version of Windows please visit the Microsoft knowledge base at www.microsoft.com