Langa Letter: 5 Essential Steps To PC Security - InformationWeek
Software // Enterprise Applications
10:45 PM
Fred Langa
Fred Langa
Ransomware: Latest Developments & How to Defend Against Them
Nov 01, 2017
Ransomware is one of the fastest growing types of malware, and new breeds that escalate quickly ar ...Read More>>

Langa Letter: 5 Essential Steps To PC Security

As the new year begins, Fred Langa says keep these items in mind to help prevent data theft, identity theft, and private information falling into the wrong hands. These steps will give you 365 days of safe computing.

You see it in the news again and again: Identity theft, corporate data stolen, private information falling into the wrong hands...

But these kinds of problems are almost all preventable. With the five simple steps outlined here, you can make just about any PC -- in the corporate world or at home -- secure from online attacks and data theft. Some of these steps may seem familiar; and that's a good thing if they do, because it means you're up to speed on the essentials. But even experts sometimes miss a step, so having a checklist or guide like this can be handy.

Plus, we've assembled dozens of live links for you, giving you nearly instant access to the many tools and informational resources we discuss.

Let's get started!

Close The Holes
All software -- bar none -- contains bugs, errors, omissions, and security holes. No brand or vendor or source is immune. Therefore, obtaining and applying security patches as they become available must be a top priority in keeping your PC safe and secure. Most vendors offer automated or semi-automated tools to help stay current. The most obvious and popular are Microsoft's WindowsUpdate and Office Update. Most vendor Web sites also offer index pages or catalogs of all to-date updates, letting you zero in on any you may have missed previously. For example, Microsoft's "Security Updates" meta page is here. Whatever software you use, start the year off right by ensuring you're 100% up to date with all essential patches, updates, and bug fixes.

Block Intruders
Just about everyone now realizes the necessity of some kind of firewall to block malicious attacks or connections from external sources. And just about everyone has access to at least a basic desktop firewall, such as the simple one built into XP. (More info: See this or this.)

But there's still confusion and misinformation about the necessity of a desktop firewall if a given PC is already protected by a hardware firewall or the actions of a router, NAT, or similar devices. While those separate devices are excellent against external intrusion, most are all but useless against "phone home" exploits and similar "attack from within" used by some malicious software ("malware"): These malicious outbound connections appear to originate inside a given PC, and so are automatically allowed by most external defenses.

In sharp contrast, the better desktop firewalls block or flag all outbound connections at first activation, letting you prevent "phone home" and similar covert outbound connections before they start. So: Use a desktop firewall, even if your PC is also protected by a separate external firewall.

You can see which firewalls are rated most highly by your fellow users in "Readers Rate Desktop Firewalls". And there's lots more information available in "How Much Protection Is Enough?" ; "Norton Antivirus And The Single-Layer Defense Fallacy"; and "Four Myths of Online Security."

Stop Infections
While "closing the holes" and "blocking intruders" will go a long way to securing a PC, there still are several vectors by which hostile software can make it into your PC; especially through infection from trusted sources, such as from co-workers' PCs or other PCs on your LAN. For this reasons, and as part of good basic digital hygiene, every PC needs effective, current antivirus protection.

There are many options, but my current top pick is NOD32; a relatively lightweight (non-resource-hogging) utility with an innovative way of securing E-mail without the clumsiness of proxy-based approaches; and with outstanding heuristics that make the tool unusually resistant even to new and as-yet unidentified viral threats.

There are also many free antivirus tools and services available; so there's really no reason for any PC to run unprotected.

1 of 3
Comment  | 
Print  | 
More Insights
Newest First  |  Oldest First  |  Threaded View
[Interop ITX 2017] State Of DevOps Report
[Interop ITX 2017] State Of DevOps Report
The DevOps movement brings application development and infrastructure operations together to increase efficiency and deploy applications more quickly. But embracing DevOps means making significant cultural, organizational, and technological changes. This research report will examine how and why IT organizations are adopting DevOps methodologies, the effects on their staff and processes, and the tools they are utilizing for the best results.
Register for InformationWeek Newsletters
White Papers
Current Issue
2017 State of IT Report
In today's technology-driven world, "innovation" has become a basic expectation. IT leaders are tasked with making technical magic, improving customer experience, and boosting the bottom line -- yet often without any increase to the IT budget. How are organizations striking the balance between new initiatives and cost control? Download our report to learn about the biggest challenges and how savvy IT executives are overcoming them.
Twitter Feed
Sponsored Live Streaming Video
Everything You've Been Told About Mobility Is Wrong
Attend this video symposium with Sean Wisdom, Global Director of Mobility Solutions, and learn about how you can harness powerful new products to mobilize your business potential.
Flash Poll