
Computer Security & Data Security

January 5, 2009 · Published By Associate Editor  

Personal Computer Security and Data Security

by Doc Farmer – Information Security Subject Matter Expert from InfoSec, Inc.

Okay, here are some tips to help keep your systems safe and secure. Understand, I mainly secure mainframe systems (as a Senior Security Specialist at InfoSec, Inc.), but I’ve been in the IT industry for over 32 years so I’ve picked up a thing or three along the way:

1: BACKUP, BACKUP, BACKUP!

Can’t stress that enough. You’re going to lose data from time to time. Either from a hardware failure (bad disk), hitting the wrong button (deleting by accident), viral attack (if you don’t do 2 below), or theft of equipment. If you’re at work on a LAN, store your data on a LAN drive that you KNOW is being backed up – ask your tech staff which drive is backed up, and how often (it should be nightly), and IF THEY CAN RECOVER THE DATA! A backup tape isn’t worth a hoot if it can’t be fed back into your system. If you use a standalone home computer or laptop, consider getting Carbonite – the annual fees are very low, they back up all of your data (but not your programs – keep your installation discs as ISO files and back them up in a folder via Carbonite, too – and don’t forget to save your serial numbers!) and recovery only takes as long as your internet connection. Also, they securely encrypt your data, and DON’T share the encryption keys with the government.

2: Anti-Virus Software.

There are too many out there to mention right now, but you probably know the names of the more famous ones – McAfee, Norton, Kaspersky. Shop around a bit, test them out and see which one works best for your needs. Most A/V software these days also includes a full integrated security suite (firewalls, anti-spam, anti-spyware), and a more user-friendly interface, so see what you can cope with. One thing – this is a case where less is more. Don’t think that if one A/V software package is good, two will be twice as good. A/V software doesn’t hit 100% of all known viruses at any given moment, because folks out there keep writing new viruses. Like the saying goes, if you build a better mousetrap, some schmuck will come along and build a better mouse. What you “gain” in protection from gaps in one A/V package, you’ll easily lose in system overhead and contention issues.

3: Your Internet Connection.

I doubt you’re using dial-up anymore. If you are, shame on you! If you’ve got a cable service, get a cable modem. If you’ve got a phone service, get broadband. If you’ve got either one, get a router that can a) control your IP address as it is viewed by the outside world and b) provide you with one encrypted line out when necessary.

4: Keepin’ It Clean.

No matter how careful you are, you’re going to end up with clutter on your system. There are several cleaners out there (many of them freebies) which can pull out old files, temp files, find spyware your A/V software missed, take care of privacy issues on files you’ve deleted or cookies you’ve obtained without your knowledge, etc. Advanced System Care Pro, SpeedUpMyPC, PC Pitstop Optimize, and even the bog-standard Windows Disk Cleanup (cleanmgr.exe) can be used alone or in combination to ensure your system pumps out the bilge. Just be sure you do it regularly!

5: Power.

Buy a battery backup for your system at home. If power goes out, turn off the monitor to maximise the time your system can remain running – when you get within 5 minutes of the battery running out, turn it back on again and do a controlled shut-down of your system(s). The nice thing about these is they also condition your power, so if your electrical supply has spikes, transients and noise (and almost all of them do) it will even out the bumps which will reduce the risk of damage to your systems. Even a 0.1 second power jump can cause problems for you, so invest here. (NB: if you’ve got a big-screen TV and a cable box with DVR, get a second battery backup for that as well – trust me on this one.) If you’re at work, make sure your IT team provides you with a power strip that will protect against surges. If your work is critical for daily operations, make sure to request they put your outlet(s) on the external generator/backup system, which should kick in automatically whenever there’s a power drop, drip or spike.

6: DON’T BRING SOFTWARE TO WORK!

If you’ve got a home system, you can’t help this one of course, but if you’re in an office, NEVER ADD SOFTWARE! Even if you’re sure it’s “safe” it may interfere with other software on your PC or network. 99% of the time it’ll have a virus payload that you were unaware of, and you could do serious damage to your system, your network, and your continued employment.

7: WiFi, Bye-Bye.

From a security standpoint, using WiFi to connect to the internet is akin to standing naked in the middle of Yankee Stadium during the 7th inning stretch. Everybody’s gonna see what you got! Home systems are regularly hacked this way, and if you’re using a laptop at Starbucks or McDonalds, well, let’s put it this way – DON’T! Drink your double-caff-half-caff-de-caff-re-caff-turn-your-head-and-caff latte or eat your Big Mac, don’t try to “work” at the same time. At home, go with a wired (not wireless) system – it’s faster, it’s safer, and it keeps you from trying to do work in the living room while your kids have a Barney the Purple Dinosaur slowly draining your sanity away…

8: Full Disc Encryption.

One word: don’t. Not unless you work for the CIA, MI6, or if you carry the Colonel’s Secret Recipe of 11 herbs and spices around with you all the time (by the way, it’s 6 parts salt to 5 parts pepper…). Causes way too much overhead, because your system has to encrypt/decrypt everything you process, including programs. Encrypt only what you need to encrypt – sensitive data folders. Also, make sure you have proper key management and control, which is NOT a Post-It note.

9: Passwords – CHANGE THEM!

You’ve got to deal with a lot of different passwords. Don’t make them all the same. Don’t keep them for more than 90 days (30 is preferable). Invest in a password safe – a bit of software that you keep on a system to safely store and protect your passwords, while giving you access to them when you need them. Please remember this is also the case where password management doesn’t equate to a Post-It note.

10: e-Mail is NOT a secure communications venue!

Neither is instant messaging or VOIP (with the possible exception of Skype, which does encrypt calls and IM). If you have to send secured information via e-Mail, zip and encrypt the files you want to send, and for pity’s sake DON’T send the decryption password in the e-Mail message – you’ve got a telephone, so use it! I heartily recommend you also get a digital signature for your e-Mail, and use it only when and where necessary. Sending kitten photos to your 98 year old grandmother doesn’t need to be quite as secure as a customer’s sales database you’re sending to your tech staff for debugging and analysis.

And this is just the start…

Hope this helps. Many thanks!

Doc Farmer
Senior Security Specialist
InfoSec, Inc.

Website: http://www.InfoSecInc.com