Thursday, September 24, 2009

Basic principles of computer security

As an IT and Security instructor I frequently get asked the question "What should I be doing to protect and secure my computer?" In response to this question I give a lot of the usual answers plus a host of other suggestions that can and will make a system more secure and make one less of a target. When I decided to write this article I decided that I would put together a list of "Tips and tricks" to assist you, the reader, in making your system more secure.

I put the following list together as a checklist; its order is not meant to imply that any step is necessarily more important than another.

Antivirus Program: Chances are a good number of you reading this article will have an antivirus scanner in place; however, there are still more than a few computer users who do not. The reality is that everyone should have an antivirus program installed, running and, most importantly, up-to-date. There are currently a number of options to choose from, including Norton and McAfee or free versions from vendors like Grisoft (www.grisoft.com), so if you do not have one, get one today.

Trivia: Recent surveys suggest that between 25% and 35% of computer users worldwide have virus protection installed.

Firewalls: Firewalls serve a very important function, which is controlling the flow of traffic on and off a computer, thereby stopping unauthorized ingress and egress of data. Firewalls become an even bigger issue for those of you who a) have broadband, b) use wireless or c) use public hot-spots, as such connections all expose one to higher risk than older, slower connection standards such as dial-up. Great options for firewalls include, on the software side, Kerio, Norton and ZoneAlarm, or hardware solutions such as dialup.

Tip: Not sure how well your firewall is working? Want to test it out? Browse over to the "Shields Up" utility over at (www.grc.com) and put your firewall to the test.

Updates and Patches: Keeping your system up-to-date with the latest patches first and foremost ensures not only that you are staying current with your software, but also that you do not have any nasty "holes" to be exploited. For an example of what happens when patches are overlooked, think back to the Nimda worm from 2001: this same worm is still infecting some Microsoft web servers today simply because some system admins have not installed a patch from 5 years ago.

Complex Passwords: Passwords are one of your first lines of defense against an attack, but sadly they are overlooked quite often until it is too late.

Those that do use passwords tend to overlook basic safety with passwords by not using what is called password complexity; password complexity refers to a password that has the following characteristics:

o Upper and lower case letters
o Special characters such as @ % or $
o At least 7 or 8 characters long
o Not words found in the dictionary or easy to guess

Using these simple guidelines to construct a password makes it significantly harder to break and therefore a successful deterrent against an attacker.
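
The four characteristics above can be checked mechanically. The following is an added example, not part of the original article; the function names, the minimum length of 8 (the stricter of the "7 or 8" given above) and the small word list are assumptions made for illustration. It shows why a password can satisfy the first three rules and still fail the fourth.

```python
import string

# Constructed sample word list; a real check would load a full dictionary
# plus a list of commonly used passwords.
SAMPLE_WORDS = {"password", "welcome", "dragon", "monkey", "letmein", "summer"}

MIN_LENGTH = 8  # assumption: the article says "at least 7 or 8"


def core_word(password):
    """Lowercase the password and keep only its letters, so that
    'Password1!' reduces to 'password' for the dictionary lookup."""
    return "".join(ch for ch in password.lower() if ch.isalpha())


def check_password(password, words=SAMPLE_WORDS):
    """Return the list of rules the password fails (empty list = passes)."""
    failures = []
    has_lower = any(c.islower() for c in password)
    has_upper = any(c.isupper() for c in password)
    if not (has_lower and has_upper):
        failures.append("needs upper and lower case letters")
    if not any(c in string.punctuation for c in password):
        failures.append("needs a special character such as @ % or $")
    if len(password) < MIN_LENGTH:
        failures.append("needs at least %d characters" % MIN_LENGTH)
    # Decorating a dictionary word with digits or symbols does not make
    # it hard to guess, so compare the letters-only core as well.
    if password.lower() in words or core_word(password) in words:
        failures.append("is a dictionary word or easy to guess")
    return failures


if __name__ == "__main__":
    # Constructed sample passwords.
    for candidate in ["summer", "Password1!", "Tr@il7mix%Qz"]:
        problems = check_password(candidate)
        print(candidate, "->", "OK" if not problems else "; ".join(problems))
```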

Trivia: The most common place to find the password of a user who has written it down? On a Post it note under their keyboard (no kidding).

Backing up: Backing up represents one of the final options if your system finally decides that it is going to take an "Extended leave" when you need it most. You should ideally be backing up your computer on a regular basis either daily or weekly (depending on your own needs) to a medium such as tape, CD or DVD.

Do you really need that?: Most people have a lot of software installed on their machine, but the question is how much of that do they actually use? Uninstalling applications you never use or just plain do not need reduces what security professionals call your "Attack surface", or the possible ways for someone to attack you. A great place to start is to look at those applications that came bundled with your PC when you bought it. If you do not need it, do not patch it; just uninstall it.

Can we get some service here?: In Windows (XP Pro and Windows 2000 Only) you might have heard of something called Services, which run in the background on your machine. Services provide features such as file sharing, networking enhancements and many other system features both obvious and otherwise. The problem is that more services are started in Windows than are normally needed, but they are started anyway to make the system usable by the greatest number of people. Shutting down unnecessary services can not only make your system run faster, but can also reduce the number of ways someone can attack you. Basically, if it is not running, it cannot be exploited. Not sure what to shut off? Take a look at this helpful URL for guidance (http://www.liutilities.com/products/wintaskspro/processlibrary/).

Note: Shutting down services if done correctly can be a great way to make a system more secure and perform better. Shutting down the wrong service can make a system unable to boot, so exercise caution.

Using the preceding tips can make you much more secure than you would be otherwise. I usually recommend these as a first line of defense. If you are feeling brave you can take this even further. The important thing to remember when trying to secure a system (whether it is a single PC or an entire network) is that it can never be 100% secure. However, you can make yourself less of a target by making it harder to go after your system.

