General discussion

Locked

Security for Home Office

By Glarock ·
I am putting in a firewall for an accountant, she has a linksys router and Windows XP Home on her computer. She is worried about her data (She has SS#'s and W2's). Should I put in a hardware firewall like Sonicwall TZ 150? She currently has the Linksys router and Norton Anti-virus and Firewall. Or is the router and Norton Firewall enough?

This conversation is currently closed to new comments.

4 total posts (Page 1 of 1)  
| Thread display: Collapse - | Expand +

All Comments

Collapse -

by CG IT In reply to Security for Home Office

well she's got layered security. The router with a firewall is the perimeter firewall. The Norton Personal Firewall is the network firewall and stealths all ports from probing. Make sure the Linksys does NAT, has the remote management function disabled, NAT redirect disabled. RIP disabled. The admin user name and password changed. Filter ICMP. Block WAN ICMP.

I would check out the computer security rather than spending $$ on more firewalls. Probably use the $$ for a firewall upgrade to upgrade from XP Home to XP Pro.

For local machine security, if she's using the local admin account for her account, change that so that her account is a user account with limited rights. Change the name of the admin account and set a strong password. Disable the guest account. make sure that services such as telnet are disabled. Make sure the file system is NTFS and with the data that's sensitive, encrypt it [[make sure the recover agent is backed up on removable media]and set permissions so that the everyone group is removed and only those she wants access are listed. Disable simple file and folder sharing.

With that, coupled with the two firewalls and AV she's about as secure as she can get with XP.

Collapse -

by wlbowers In reply to Security for Home Office

In todays world she should be.

I haven't trusted nortons for a while. Things like this keep coming to light. A major Company recently dumped Nortons for etrust. We bring good things to light.

http://tinyurl.com/b9xhe

Upgrade to XP pro. Rip out Nortons by the roots (pun intended) and:

Install Computer Associates eArmor.

http://www.my-etrust.com

She can use a data encryption software on the folder that is used for all of the data.

Fingerprint access is coming of age for small business.

Lee

Collapse -

by rkuhn In reply to Security for Home Office

CG IT is right on the money.

The only thing I might add is to install some form of anti-spyware/anti-adware as well.

I like the free ones such as Adaware, Spybot, and Spywareware Blaster plus maybe MS's Anti-Spyware too.

Collapse -

by secureplay In reply to Security for Home Office

First, since she is an accountant, she is right to be most concerned with her data. You have not mentioned back up. An external storage device for all of her business data hooked up via her USB connection & backed up regularly with a multi-day, multi-week schedule (we use a Buffalo Linkstation, I think, with a second hard drive for backup). She should remove this drive from the computer when not in use. Also, disconnect the system from the Internet when not online (move the cables to make this easy... if necessary, add an extra ethernet switch to move the cables in front).

Test the backup.

If she is really disciplined, she could move all of her key data to a thumb drive, but then you need a good solution to back that data up.

An alternate option for multiple customers would be to have each on a R/W DVD drive - so their data is only on the PC when active. Again, these disks do need to be regularly backed up.

A really good option would be to not have her accounting computer hooked to the internet at all. Sneakernet anything to a second PC that is internet connected. Backup, Backup, Backup.

Back to Security Forum
4 total posts (Page 1 of 1)  

Related Discussions

Related Forums