President's File

 

Issue 1.4

July 2005

Secure Computing in the Internet Age

In my book, a bad day of golf is still better than a good day of work! This is especially true if you work with computers.


I’ve been using personal computers for fun and/or profit for roughly 20 years now. In that time they’ve gone from a novelty item to a nearly indispensable tool for business, education & entertainment. Unfortunately they can be troublesome contraptions that can fail without help from things like viruses, worms, Trojan horse programs, or spyware (collectively “malware”).


For better or worse, malware is here to stay… There is no way to completely eliminate the threat of malware, but you can greatly minimize the risk by taking few basic steps.
Before we talk about the mitigation steps you can take, I want to talk a little about the challenge we face.


Personal computers used to be a novelty item used by hobbyists, who took the time to learn about the inner workings of the hardware and software. Today, PCs are just another consumer electronics commodity. The vast majority of users aren’t interested in the inner workings of their computer, they simply want plug it in, turn it on, and use it. If we’re going to make a meaningful impact in the malware situation, we need to change that plug-it-in-and- go mind set. Anyone who uses a computer needs to have a basic understanding of the risks they face and how they can minimize them.
So what can you do to protect yourself? For starters, you should Keep your system patched, make regular visits to the Microsoft Windows and Office Update sites, and install the recommended updates. Be sure to check for updates to any other applications you use as well. Second, keep backups of important files. Third, use strong passwords… a strong password should be at least 8 characters and include letters, numbers, and at least one special character. It should also be easy to remember.
In addition to those basic steps, you should also:
• Install and use anti-virus software.
• Install and use a personal firewall.
• Install and use anti-spyware software.
• Use care when downloading and installing programs.
• Disable file and printer sharing in your computer, particularly when accessing the Internet using cable modems, digital subscriber lines (DSL), or other high-speed connections.
• Use care when reading e-mail with attachments:
Never, ever:
- Open e-mail attachments from someone you don’t know.
- Open e-mail attachments forwarded to you, even if they’re from someone you know.
- Open unsolicited or unexpected e-mail attachments until you’ve confirmed the sender actually meant to send them.
And, did I forget to mention?:
• Do not select the option on web browsers for storing or retaining user name and password.
• Do not disclose personal, financial, or credit card information to little-known or suspect web sites.
• Delete spam and chain e-mail’s; do not forward these and do not use the unsubscribe feature.
• Log off the online session and turn off your computer when it is not in use.
• Do not use a computer or a device that cannot be fully trusted.
• Do not use public or Internet café computers to access online financial services accounts or perform financial transactions.
• Ensure your browser supports strong encryption (at least 128-bit). Most browsers now provide this by default.
• Install and use a file encryption program and access controls.
• Broadband users: install and use a hardware firewall/router.


These are the basics of Safe Hex… There’s a lot more we need to talk about, but I’ll save the rest for the July 5th General Meeting. Look at the bottom of this page to get a handout of the presentation!
Your comments & questions are always welcome. You can reach me at jasetaro@mags.net or jasetaro@yahoo.com.
Cheers,
—Jeff Setaro

 

Click here for the Handout (requires Adobe Reader)


BackHomeNext

© Copyright Danbury Area Computer Society, Inc. 1998-2003 All Rights Reserved
Web Site Terms & Conditions of Use