A user recently asked me what I would recommend to keep his home computer as secure as the ones at our office. Here's the list of considerations I gave him.
I was recently asked by one of my users, "Why do the computers at the office seem to fend off the malicious threats that always seem to invade my home computer?"
I have a pretty strict personal policy against giving help and advice to people concerning their home computers, but after a brief conversation with this person, I decided to give him a list of things to do at home that would go a long way to securing his personal computer. In some cases, he asked me to recommend brands or products, but instead of giving him any particular product recommendations, I recommended a particular store instead and told him to ask the sales associate. (I didn't want to get THAT involved.)
Anyway, here's the list of considerations I gave him. I have, however, expanded on them a bit for this blog piece. And depending on the operating system and types of products a person uses, some of these might offer redundant protection — or another level of protection, depending on how you look at it. While this might seem elementary to a lot of us old-timers, it's certainly worth a review from time to time.1. Updated software: Configuring the auto-update to run on a regular basis is the best way to make sure it gets done. Mine are scheduled to run at 3 AM. I know it might pose an inconvenience to find that your computer has rebooted in the middle of the night (especially if you failed to save a document!), but it's one way to make sure that Microsoft's regular security updates actually do get installed. It's too easy to put it off. Updates to the operating system, MS Office, Internet Explorer, and so on are released for a reason. The quicker they get installed, the better. It's the biggest reason I keep my computer running all night. 2. Anti-virus software: You would think that this is a no-brainer, but I've often run across people who either don't have it or don't keep it updated. Doing both is an absolute must. We could argue all day about which product is the best, but they'll be no argument when I suggest that anything is better than nothing. I've never been a huge fan of off-the-shelf Norton products, but I've had great luck with the corporate edition. Stopping short of recommending a particular product, I did advise him to avoid the suites. And installing it isn't enough. Make sure it's also configured to automatically download the vital software and virus-definition updates. I also do this on a daily basis. 3. Anti-spyware software: Again, there will be arguments and discussions about which is the best, but it's another must-have. 4. Software firewall: Having something like Zone Alarm installed will prevent all sorts of malicious malware from finding its way onto your computer, not to mention preventing those annoying pop-ups. 5. Hardware firewall: For home use, a firewall router is adequate. The person who initially asked me about this had a router, but not a firewall router. No wonder he was getting inundated with pop-ups and such. And while it might be a bit of a stretch (or maybe not), keeping it updated is something that I would recommend. I recently threw out an old Linksys firewall router when I could no longer update its firmware, and I replaced it with a newer Cisco model (Cisco actually bought Linksys). I have the BEFSX41 model, and it's performing quite nicely. 6. Passwords: I recently wrote a blog piece on passwords. Their proper use provides yet another level of protection for a home computer. 7. Phishing e-mails: The reason they keep coming is because they're so successful in duping people out of their personal information. Learn to recognize them, and never respond to them. Always assume that any e-mail that requests personal information is a phishing e-mail. 8. Free Internet downloads: I know this isn't always possible, and I suppose I'm not talking about ALL free Internet downloads, but use good judgment on what you should and shouldn't download. For example, I have an Internet Poker site that I prefer, one that offered a free download, and it's perfectly safe and legitimate. But others I wouldn't touch with a ten foot pole. And those free registry cleaners, free spyware scanning tools, and so on, often do more harm than good. In fact, I would venture to guess that the majority of such things are malware themselves! 9. Backup, backup, and backup: My home computer is probably not unlike most people's, with the usual documents, pictures, music, e-mail, and so on. However, where mine is probably different than most people's is the presence of a two-tiered back-up system. Do you realize how many home users don't back up their data at all? I have an extra internal hard drive for storage of a daily backup. This is also an automatic process, just like the Microsoft updates, in which a simple batch file incrementally copies (via xcopy) targeted directories (folders) from Point A to Point B. Point B is, of course, the extra internal hard drive. I also have an external hard drive with a USB interface that I plug in on a regular basis and globally copy my saved data from Point B to Point C. 10. System documentation: In case you ever do need to restore or reinstall, it's vital to have quick, easy, and accurate access to the software CDs and serial numbers, the hardware CDs and documentation, and so on. I recommend a 3-ring binder with pocket inserts for operating system and software CDs, including the hardware CDs and documentation. Personally, I even go as far as keeping my original boxes, cutting them up so I can put them into a sleeve with the rest of the documentation. I also keep all my configuration information in there.
In the worst-case scenario, if, in the very least, you have numbers 9 and 10, you can restore your system — complete with your current data. But with proper implementation of numbers 1 through 8, it'll probably never come to that.