Software // Enterprise Applications
Commentary
1/7/2004
11:40 AM
Fred Langa
Fred Langa
Commentary
Connect Directly
RSS
E-Mail
50%
50%

The Explorer: Four Myths of Online Security

Make sure your PC is really secure from 'Net-based hacker attacks -- without spending a dime.

The Internet is a two-way street. Just as it's easy for you to connect to other sites, it also may be easy for others -- for hackers -- to connect to your PC. In fact, by default, many PCs are set up with truly awful online security settings that can leave the door to your system and your hard drive unlocked and wide open!

The more time you spend online, the greater the odds that someone will indeed try to crawl back through your Internet connection to get inside your PC. And if a hacker finds a weakness or a security flaw in your setup, he or she can launch a full-blown attack that can cause trouble ranging from the merely annoying (slowing down or crashing your computer) to major headaches (potentially reading files, stealing passwords, and worse.)

But many people succumb to one or more of the following myths about online security, and in doing so, leave themselves wide open to major trouble:

Myth #1: "I'm not on a network, so my PC is safe." The Internet is a network, and any Internet-enabled stand-alone PC will have some or all the same networking protocols running that you'd find on a PC in (say) the heart of a huge business setting. But a PC in a huge business setting probably has corporate firewalls and a professional IT staff working to keep it safe. In stark contrast, a PC in small business, home office, or a laptop used in the field (away from corporate security measures), or a personal-use home system may have a networking setup that's wide-open, totally vulnerable to hackers -- and you might not even know it. The threat is very, very real: With today's "always on" connections such as cable modems and DSL, you can be virtually certain that at least two or three or four (or more!) bonehead miscreant hackers will try to break into your PC every single day!

Myth #2: "I just use dial-up connections, so my PC is safe." Dial-up connections come and go; each time you dial-up, you get a slightly different ("dynamic") numeric Internet protocol (IP) address. (Unless, of course, your ISP has assigned you a static IP address.) That makes it harder for a hacker to find you than if you have a "static IP" or an always-on connection. But hacker tools have evolved to the point where they can scan literally tens of thousands of IP addresses an hour.

With so many hackers scanning so many possible addresses, even dial-up connections can and do come under threat of attack.

Myth #3:  "I use an anti-virus app, so my PC is safe." A good anti-virus utility will indeed protect you -- against viruses and similar problems. But it'll do nothing to prevent a hacker from lifting information off your system or crashing your PC. It'll do nothing to prevent a malicious (but programmatically legitimate) application from surreptitiously "phoning home" and sending information about you or your PC back to some other site or person. Anti-virus tools are just one small (but important) part of online security.

Myth #4: "I use a firewall, so my PC is safe." Firewalls are great, but if your PC is inherently insecure in and of itself, then relying solely on an add-on program to provide security puts all your figurative eggs in one basket. If the firewall software has a flaw or a bug, or if anything goes wrong with it, you're toast. Plus, some firewalls are useless against viruses or similar apps; most do absolutely nothing about malicious apps that quietly send data about you or your system back to an outside source; and some firewalls actually can make things worse because they advertise their presence to hackers, inviting specialized attacks designed to defeat that particular kind of firewall.

But there are solutions. Using tools you already have, and for free, you can vastly improve your online security -- and that's what this week's Explorer column is about: I'll cover the essentials of how to set up your Internet connections so as not to needlessly create security holes. In future columns, we'll talk about other techniques and products (some also completely free!) you can add to further reduce security problems.

With the secure networking foundation I'll show you in a moment, any firewalls or other products you use will only add to an already-safe setup. And, if there proves to be a problem with your firewall or security software, you won't be left totally exposed to hackers. You won't have all your security "eggs" in one basket!

Because this is a column and not a full-blown feature article, I'll be moving along fast: Check the References listings to follow up on any steps or concepts that aren't clear to you.

Previous
1 of 3
Next
Comment  | 
Print  | 
More Insights
Building A Mobile Business Mindset
Building A Mobile Business Mindset
Among 688 respondents, 46% have deployed mobile apps, with an additional 24% planning to in the next year. Soon all apps will look like mobile apps – and it's past time for those with no plans to get cracking.
Register for InformationWeek Newsletters
White Papers
Current Issue
InformationWeek Tech Digest - September 10, 2014
A high-scale relational database? NoSQL database? Hadoop? Event-processing technology? When it comes to big data, one size doesn't fit all. Here's how to decide.
Flash Poll
Video
Slideshows
Twitter Feed
InformationWeek Radio
Sponsored Live Streaming Video
Everything You've Been Told About Mobility Is Wrong
Attend this video symposium with Sean Wisdom, Global Director of Mobility Solutions, and learn about how you can harness powerful new products to mobilize your business potential.