How to keep your computer safe
The Secret Service recently put out a list best practices you can do to keep your computer safe. Keeping your computer free of viruses and other malware is important to make sure products such as internet banking aren’t broken into, but they can also cause annoying problems like slowing your computer way down. I have added my comments in green.
Internet Self-Defense: Basic Best Practices
1. Run the most up-to-date operating system possible. New systems have many security fixes built-in and the developers really do learn from their past mistakes. The only good reason for running an older system is if you need a program that will not run on the new version. But do you really need it? Is there an update available?
2. Do your daily tasks as a “normal” or “limited” user. This keeps nasty programs from making changes or installing themselves without your taking action to allow them. It’s worth taking the time to lock down your system and open access to what’s needed.
Most people probably only have one user set up on their computer, but the Secret Service is saying you should set up a second user. One user should be set up as an “administrator” and one should be set up as a normal user that can use all the programs on the computer, but doesn’t have the ability to download and install new programs. Then you and your family should only use the normal user ID unless you specifically need to install a new program on your computer, in which case you will then sign in as administrator. If you need help doing this, do a search using the google search to the right of this screen.
3. Update Adobe Flash, Adobe Reader, and Java on a regular basis. Once a week is a good plan. Many of the viruses that can infect your system come through these programming frameworks.
Most people aren’t aware that a majority of viruses now are introduced through Adobe Reader. When that annoying notice pops up telling you to update Adobe, don’t ignore it.
4. Turn on automatic’ update. Run a manual system update (like Microsoft Update) every now and then to make sure it’s working properly.
5. Don’t open e-mail from people you don’t know or aren’t expecting. Don’t open unexpected attachments from people you DO know.
Hackers can be very tricky in coming up with ways to fool you into opening emails. Be careful.
6. Run antivirus and keep it up to date. Remember that it’s just one layer of defense; viruses and malware can get through every antivirus system.
I use Microsoft Security Essentials, a highly rated anti virus program that is completely free.
7. Install anti-malware and perform a scan every week or so.
I use Malwarebytes, which is also free.
8. Windows XP users should run an additional “program guard” to prevent programs running and installing themselves without warning.
9. Consider perimeter defense. There are content-blocking services that you can set up to prevent your systems from visiting certain web sites. These lists are always a step behind but are better than nothing. Many firewalls also have an extra layer of virus scanning capabilities.
I wasn’t aware of this one. I had to do a google search to see how to do this.
10. Use different passwords for different accounts. If someone hacks your Facebook account they shouldn’t also get access to your online banking, PayPal, eBay, and credit card.
I think everybody knows they shouldn’t use the same password at every site, but keeping track of all those passwords is hard. One solution is to use password manager software, which keeps track of all your passwords for you. Another option is to have a some kind of a system to have a different password at each site.
For example if your password is “password” (it should not really be “password”) then you could just add something such as the first letter of the web address to it for every website you visit. So your password to Facebook would be “Fpassword”, your password to XYZ Bank would be “Xpassword”, etc. This way your password is still easy to remember, but now it is different at every website. You should probably come up with your own system for this. See below for more password tips.
11. If something seems wrong, looks funny, or your system is acting strange. STOP. Call for help, when in doubt contact an IT professional. Do not go to any sites that need a password. Do not go to your bank, Facebook, or e-mail.
12. Lie when you answer “security questions.” How hard do you think it is to find your mother’s maiden name, name of the street you grew up on, where you met your spouse, etc? Come up with different answers to these questions; keep them in your locked file cabinet to keep your challenge questions safe.
This is interesting advice coming from the Secret Service. The problem is that so many of those security questions can be easily answered by looking at your Facebook page real hard or doing a google search for your name.
I have a friend who is an IT expert that does this. Instead of answering the question that is asked, he enters the same phrase every time, which is probably easier to remember than some of those questions, anyway.
How to come up with a strong password
I think the Secret Service’s list of ideas is pretty good, but they didn’t say anything about complex passwords so I will add my own advice. Websites are now requiring more complex passwords, and this frustrates people because it can be hard to come up with a word that has numbers, letters, and special characters that is at least 8 characters long. Instead of trying to come up with a word that meets all these requirements, why not come up with a pass phrase. If your pass phrase is something like “I have 3 dogs.” that is easy to remember, and should meet all the complexity requirements for almost every website.