|
||||
 | ||||
|
| Avoid Security Breaches On That New Computer |
 Email This
 Print ThisView My Personal Library |
|
News, Views & Expert Advice February 2005 • Vol.3 Issue 2 Page(s) 16-17 in print issue |
|
Avoid Security Breaches On That New Computer Windows Warfare |
|
In a perfect world, computers would have adequate security right out of the box. This would seem to make sense because other crucial things in our lives include the necessary security functions: Our ATM cards have PINs and our residences have deadbolts and security systems. Yet the security of most new PCs, whether they come from big-name manufacturers or your local computer shop, leaves much to be desired. Unless you plan on never connecting to the Internet and are assured that no one will ever have physical access to your new PC, it is vulnerable as soon as you plug it in. That's the bad news. The good news is that it's not terribly difficult to secure your new PC, and once you perform these steps, you can get down to the real business of enjoying your new toy (or work device, if that's what you must call it in the presence of others—I understand). Even better, you won't need to shell out money for this security because the tools you'll use are either already included with Windows or are available for free on the Web. Because most new PCs use either Windows XP Professional or Home Edition for their operating system, I'll stick with tips for securing either one of these environments.  Patch Up Windows For all of its power and flexibility, Windows constantly falls prey to crackers who work hard to ferret out security holes in the OS' code. Microsoft does a decent job of releasing patches for Windows as holes are discovered, and many of these patches are contained in service packs. The most recent release for WinXP is Service Pack 2, which could already be installed on your system if it's only a few months old, because OEMs (original equipment manufacturers) had access to it before consumers did. Check to see if SP2 is already installed on your system by right-clicking My Computer on your Desktop and clicking Properties. On the General tab, if Service Pack 2 is listed, you don't need to worry about holes in Windows, but you'll still need an antivirus application and a firewall configuration that scans both inbound and outbound connections. If SP2 isn't installed on your computer, visit the Windows Update Web site at windowsupdate.microsoft.com. However, you should first enable WinXP's ICF (Internet Connection Firewall) before going online—you'll see an option for ICF when you configure your Internet connection. Once you enable ICF, click Express Install on the Windows Update Web site to begin the update process for your computer. A more secure way to obtain and install the service pack is to use another PC with Internet access to download it. If you have another PC, got to www.microsoft.com, search for "download service pack 2," and click the following result: Download Windows XP Service Pack 2 For IT Professionals And Developers. After you download it, burn it to a CD and install it on your new computer. After you install the service pack, enter the Security Center control panel. Make sure Automatic Updates is configured to automatically download and install critical updates for your computer, or at least set the utility to notify you when new updates are available. If you're more cautious about what's being installed on your PC (a commendable trait), configure these updates so they aren't downloaded and installed in the background: You always have the right to know up front the comings and goings of your PC.  In the Security Center, you'll also notice that ICF is now called Windows Firewall and is turned on by default when you're running Service Pack 2. For basic protection, it does an adequate job of protecting your computer from inbound threats. However, the Windows Firewall won't protect your computer from malicious outbound connections. This means if you download a malicious program that is not detected by your antivirus or other security software, that program can easily connect to the Internet and provide a passageway for someone to access your computer. In fact, many hardware firewalls included with networking hardware, such as routers, don't do much to protect against outbound connections, either. Ideally, you should use a hardware-based firewall (check your networking equipment to see if it includes one) along with a free third-party firewall such as ZoneAlarm (www.zonealarm.com) or Sygate Personal Firewall (www.sygate.com). At the very least, use one of these third-party firewalls. When it's installed, enter the Security Center and disable the Windows Firewall. After you configure your firewall and update Windows with the latest service pack, you can now address other security areas such as antivirus and anti-spyware. Virus Vulnerability The highest priorities for securing your new PC are a firewall and the latest patches for WinXP, including SP2. Once these elements are in place, you can start to gather other pieces of the security puzzle. Again, if you have another Internet-connected computer, it's best to download any further programs using that computer, burn them to a CD, and install them on the new computer, although at this point you have a slightly larger safety net when using a properly patched WinXP installation. Amazingly, Microsoft still doesn't include antivirus software with its operating systems, so you'll need to install an antivirus program immediately. A free, effective option is Grisoft's AVG Anti-Virus (www.grisoft.com). After you download and install the program, make sure you download the most recent virus definitions so you're protected against the latest threats. Keep the program running in the background at all times and configure it to scan your incoming email for hazardous attachments or other malicious code. As you install other software, such as office productivity applications, you should immediately check for updates to those programs because online threats aren't limited to just your operating system or incoming viruses. Never assume that any program you're installing either from a CD or the Web is the most recent version or includes the most recent patches. Instead, visit the developer's Web site before installing the software to see if a recent patch is available for download. If it is, download it and have it ready to install immediately after you install the software. For Microsoft applications, like the Microsoft Office suite, you can simply visit the Windows Update Web site and let the online utility search for updates, but just be sure to do it right after you install the software. More For Good Measure Once your firewall is in place, WinXP is patched, antivirus software is running, and your programs are up-to-date, you can branch out even further to protect other parts of your system. Technically, at this point you can browse the Web and use other Internet resources without any major risks. But keep in mind that you'll quickly accumulate spyware and adware as you browse the Web, so the sooner you install a good, free spy-ware scanner such as Lavasoft's Ad-Aware (www.lavasoftusa.com) or Spybot Search & Destroy (www.safer-networking.org), the more quickly you can keep your system free and clear of these annoyances on a regular basis. Along with all the aforementioned steps, it's wise to have a system backup plan in mind before you do anything. Even with good antivirus protection, you can still fall prey to a new, previously unrecognized threat that can wreck your system. With a backup at hand, you'll have little to worry about. Last but not least, make sure you use strong passwords on everything from Windows to your Internet account. Never discount the possibility of someone infiltrating your PC in person; all of your attempts to shield yourself from online attacks won't protect you from someone sitting at your PC and stealing as much information as possible. Although this all might seem like plenty of work, it's really not, especially if you consider it part of the normal routine of setting up a new computer. WinXP's latest service pack finally introduced security measures we should have seen years ago, and that trend will continue with Longhorn, the code name for Microsoft's next OS. But in the meantime, never expect that any computer you buy, borrow, or find is protected because chances are high it isn't. Once you're in the habit of applying these security measures to any new computer, you'll more easily enjoy the benefits of that new hardware instead of fretting about new infections. 
|
 and the </I>Smart Computing Reference Series<I>. Please send your feedback to christian@pctoday.com. )
Home Copyright & Legal Notice Privacy Policy Site Map Contact Us