If you’re like most people, keeping your computer secure is a task similar to dieting – it’s something you’ve heard a lot about, everyone you know has an opinion, yet no matter where you are with it, you suspect that you’re still not doing the best you can.
We can lock our computers down so tight that nothing gets done without a half dozen pop-up windows asking “Are you sure?” after every mouse click. Or, we throw caution to the wind and shut all that “annoying” security stuff off, which makes it much easier to get work done — until the next virus or trojan hijacks our machine, and we’re offline for days (or weeks) trying to clean up the mess and make up for the lost time.
Real-world PC security falls somewhere comfortably between “front door wide open” and “DEFCON 1”. The problem is, most articles on computer security discuss theory, not fact. Rotating “strong” passwords sounds good on paper, but in the real world it means you’ll create a password so complex you’ll have to write it down to remember it (which is like putting the front door key under the doormat), only to have to change it several times a year.
What you actually need to do is assess the level of security required for the asset being secured. You need a stronger password for your GMail or Yahoo! Mail account than your personal workstation, because your web-based email account is exposed to the world, while your personal computer is only vulnerable to those who have physical access to it, at least until you connect to the Internet or install software from an untrustworthy source.
Which brings us to the “real world PC security short list”. Three things you must do, or be prepared to do, to have reasonable security as you surf the web and expose your computer to the risks – and benefits – of the global Internet:
- Use hard-to-guess passwords for all important assets
- Use a software firewall at all times
- Use ONE anti-virus program, and update it regularly
The best way to protect your computer, email accounts, online banking and such is to make a “hard-to-guess” password. Given enough time, opportunity & resources, *all* passwords are crackable, so don’t go crazy trying to create a password that would require a supercomputer to defeat — you’re not securing the president’s nuclear launch codes. You just need to keep the script kiddies and automated password cracking programs out.
A simple method of creating passwords both hard to guess and easy (for you) to remember without writing them down is to combine two words & use a substitution method. For example: start with “crack” and “this”. Join them with an asterisk, so you now have “crack*this”. Next, swap an “@” for the “a”, “#” for the “h” and an exclamation mark for the “i”.
Your password is now “cr@ck*t#!s”. No brute force dictionary hack is going to crack this: it would literally take going through every possible ten-character combination until the one you created was randomly stumbled upon. Yet, you should be able to remember it (relatively) easily, since you know what you started with, & what you combined & substituted to get the end result.
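An added example, not part of the original post: a small auditor for passwords built with the method above. It reverses the three substitutions, checks whether the result is two wordlist entries joined by a separator, and compares the exhaustive ten-character search space with the space of two-word patterns. The sample wordlist, its assumed size of 100,000 entries and the separator set are constructed assumptions.

```python
import math

# Substitutions from the post, reversed: symbol -> letter.
UNSUB = {"@": "a", "#": "h", "!": "i"}
SEPARATORS = "*-_.+"      # assumed set of joiner characters
WORDS = {"crack", "this", "front", "door", "key"}  # constructed sample wordlist
WORDLIST_SIZE = 100_000   # assumed size of a realistic wordlist (estimate only)
PRINTABLE = 95            # number of printable ASCII characters


def normalize(password):
    """Undo the symbol-for-letter swaps and lowercase the result."""
    return "".join(UNSUB.get(ch, ch) for ch in password.lower())


def split_words(password):
    """Return (word1, sep, word2) if the password is word+sep+word, else None."""
    plain = normalize(password)
    for i, ch in enumerate(plain):
        if ch in SEPARATORS and plain[:i] in WORDS and plain[i + 1:] in WORDS:
            return plain[:i], ch, plain[i + 1:]
    return None


def brute_force_space(length):
    """Candidates in an exhaustive search of every printable string."""
    return PRINTABLE ** length


def pattern_space(parts):
    """Rough count of word+sep+word candidates, each swap on or off."""
    w1, _, w2 = parts
    swappable = sum(ch in UNSUB.values() for ch in w1 + w2)
    return WORDLIST_SIZE ** 2 * len(SEPARATORS) * 2 ** swappable


def audit(password):
    """Report the detected pattern and both search spaces in bits."""
    parts = split_words(password)
    brute = math.log2(brute_force_space(len(password)))
    pattern = math.log2(pattern_space(parts)) if parts else None
    return {
        "pattern": parts,
        "brute_force_bits": round(brute, 1),
        "pattern_bits": round(pattern, 1) if parts else None,
    }


if __name__ == "__main__":
    print(audit("cr@ck*t#!s"))
```

The gap between the two figures is what a strength meter cares about: the second number is the one that applies if the structure of the password is guessed rather than its individual characters.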
Software firewall/Anti-virus program
I’m going to save time (and column space) here, and just make a recommendation: download and install Microsoft Security Essentials. It’s good, it’s free, and since this post is about PC security, it secures every version of Windows from XP to Windows 7 (if you’re using anything earlier than XP — c’mon now… really?)
Now the readers of this blog, and this series, may be surprised that I don’t provide a short list of options here. There are other free anti-virus and firewall programs that are about as good as MSE, and you may be using them. If so, please continue. But the focus of this post is security as a business process, not as a technical consideration.
For those of you who aren’t using anything, and thus are unfamiliar with activating and configuring a software firewall, MSE’s advantage is that it provides a best-of-breed antivirus program AND automatically activates and configures the built-in Windows firewall. That saves you the headache of closing the firewall too tight, and helps you avoid the risk of finally shutting it off because the frustration of calibrating it becomes too great a disruption of your workflow.
When all else fails
Even when you do all of the above, your computer may still become infected. PC security is an arms race, and a constant compromise between locking your computer down until it becomes unusable, and leaving that one thing open that lets the bad guys in.
Before that happens, do yourself two favors. First, download and install Malwarebytes Anti-malware, then update its definitions. Make a habit of updating the definitions every other week. Why? Because if your computer ever does become infected, this will most likely be the only program that will clean up the infection — but the security definitions MUST BE UPDATED to deal with the newest infections, which pop up faster than bad pop songs on iTunes.
The second favor is to bookmark these free, online anti-virus scanners in your browser of choice:
If you are running MSE (or another anti-virus/firewall combination) and your computer becomes infected anyway, it will most likely be a trojan – software that masquerades as something harmless and buries itself in the operating system. Definite signs of a trojan infection are that your antivirus program stops working, and your browser is blocked from connecting to the Internet. That’s why you need Malwarebytes already installed and updated – you’ll need to run it to kill the trojan, and restore functionality.
After an actual infection, I like to be double, triple sure that all traces of scum-ware have been removed. That’s where the above websites come into play: they are the best online antivirus scanners available. They’re all free, and are online services offered by the best anti-virus companies in the business. I recommend that you run more than one of them to ensure a clean machine – the truly paranoid among you can run them all.
In closing, remember that security is a process, not a program. It’s how you do what you do that keeps you secure. For further details on this subject, check out my FREE eBook, “4 Things You MUST Know About Computer Security”, available to read online or download to your hard drive.
And don’t forget to scan it after you download it — trust no one.