Security Basics

When friends or family first go online, they generally worry (rightly so) about security, they’ve all heard the horror stories of credit cards numbers being stolen and bank accounts being emptied. So, here’s some basic tips that will cover the bases and help you sleep better at night.

There are a standard set of software tools and practices that you should follow:

If you’re planning on spending anytime online, you will need a firewall. This is, as it sounds, a virtual wall that protects you from just anyone coming into your computer, limiting access to only a few routes and monitoring them. There are plenty of free applications out there, I tend to recommend ZoneAlarm, you can download the free version here. Make sure you keep it updated.

Although a firewall will defend you from people attacking your PC there are still plenty of holes to exploit, so you can use anti-virus to automatically sweep incoming emails and run system-wide scans from time to time. Again, there are plenty of free options, I tend to recommend AVG (download here), but I’ve also heard good things about Avast (download here). Make sure you keep it updated with the latest virus libraries.

Spyware is malicious software, rarely programs you have chosen to install, that does anything from track which websites you visit to popping up adverts to logging every keystroke to find passwords and account numbers. I tend to recommend AdAware, but there are quite a few out there, many which come in bundles from ISPs. Make sure you keep it updated.

Those are the three main things I recommend, many of the security vendors offer all-in-one solutions for the three packages above, which makes things a bit easier if you want to spend the money, all of the packages I have suggested are free, or have free versions. The only problem I find with joint solutions is if you find an incompatibility with one bit of it (say your anti-virus conflicts with some other bit of software), you can’t use any of it. Separate products provide a little more flexibility.

Get a Password Manager
As you sign up or shop at more and more sites, you will find the number of passwords you have grows very quickly. Obviously you can’t remember hundreds of them, especially if you only visited a site once, three years ago, to buy a rug, and now you want a matching one. So take the hassle out of it, but also keep your passwords safe, by using a password manager. Personally, I use Access Manager, it’s free.

There’s a good article on the BBC site which covers how and why you should keep your password safe.

Do Checks Regularly
Waiting until you have a virus infection to use your software is too long. Make a schedule, say once a week if you use the PC a lot, once a month in you only login now and again, set the schedulers on the software and do a sweep, or do it manually if you like, use a reminder service like Google Calendar to send you an email to nudge you at appropriate intervals. The software is useless if all you do is install it and think that’s it.

Use Secure Software
I believe that using secure software from the outset is one of the best ways to keep yourself safe, make sure you use a secure browser, like Firefox. Internet Explorer was a big security problem, but with version 7 the security was bumped up considerably. Outlook and Outlook Express were also massive security holes, they have also been improved, but why not try something like Thunderbird instead, or you could use a web-based service. Another option would be to either use a different operating system, such as Linux or Apple’s OSX, which are more secure and have fewer (if any) viruses written for them, or you could upgrade to Windows Vista, which is supposedly much more secure, and certainly short term there are no viruses written for it, as it’s too new. I have a feeling we’ll see some before long though, still, should be worth the upgrade.

Keep Software Updated
Also, always make sure your software is fully up-to-date with the latest security patches (both your products and operating system, whichever one you use). Try not to use outdated software, supports tends to drop away, as do security fixes, leaving you more open and vulnerable as technologies move on. Most software, certainly the critical stuff, has easy and simple update functions, you can even automate it on some, and most will tell you when a new version is available.

You can also check out the following article at BBC Online, which covers much the same thing, but there’s one thing that stands above all others as the weakest part of any system: you. Users are always the weakest link, so here’s a few tips for you.

  1. Don’t open attachments on emails from people you don’t know, or on emails you weren’t expecting from people you do know.
  2. Don’t click links in emails requesting your user details, doubly so for anything money related (PayPal, banks, Ebay, etc). If you’re not sure if it’s real or not, manually type in the address of your bank, then login and check what they say.
  3. Don’t download files or software from sites you don’t know or look dodgy
  4. Don’t help yourself to pirated copies of software packages, either via download or over peer-to-peer (P2P) networks, many of them include spyware and hidden programs
  5. Don’t store your passwords in a plain text file somewhere on your computer, or use the same one for everything, or use weak passwords (i.e. normal words, DOB, kids names, etc). Do use a password manager, do copy and paste passwords into important sites rather than typing them in each time, do make use of punctuation, a mixture or uppercase and lowercase letters and numbers