skip to: page content | links on this page | site navigation | footer (site information)

Positek.net Positive Technology Solutions from Positek.net LLC

About Us | Contact Us| FAQ
Handy Setup Checklist | Who do I Trust? | Frequently Asked Questions
Handy Maintenance Checklist | Who do I Trust? | Frequently Asked Questions
Handy Diagnosis and Repair Checklist | Who do I Trust? | Frequently Asked Questions
Safety Checklist | Safe Downloads | Who do I Trust? | Frequently Asked Questions
Hardware | Software | Business Support Services | Personal Support | Advice | Frequently Asked Questions
subglobal6 link | subglobal6 link | subglobal6 link | subglobal6 link | subglobal6 link | subglobal6 link | subglobal6 link
subglobal7 link | subglobal7 link | subglobal7 link | subglobal7 link | subglobal7 link | subglobal7 link | subglobal7 link
subglobal8 link | subglobal8 link | subglobal8 link | subglobal8 link | subglobal8 link | subglobal8 link | subglobal8 link

Computer Security

Computer Security

 

These days any computer is at risk for compromise. This includes computers connected to the internet and those that aren't. Threats can come from any number of areas; floppy disks, thumbdrives, CDs and DVDs (even commercially distributed material like software programs and movies), modem connections, broadband connections, wireless connections, wired connections - you name it. Any time you put something into a computer, something else can come along without your knowledge. Sound paranoid? Read on!

A recent survey shows that 1 in 5 computers in the U.S. is infected with one or more computer viruses. That same survey shows that 4 out of 5 computers has some form of spyware on it. Spyware has become the catch-all term for any program or script (set of instructions to your computer that runs automatically) that you didn't specifically install with full knowledge and understanding. Whew!

Spyware includes software that spies on your computing habits and the data on your computer, and reports back to someone else, adware (software that spies on your computing habits for the purpose of direct marketing customized advertising to you), sneakware (software that does work for someone else on your computer), and malware (software designed to harm your computer and/or data).

Protecting your computer and your data is not a single product or service, but is a process of securing your assets, and then monitoring that security and updating or improving it as necessary. For many businesses, the starting point is their computer network. Every point of entry from the outside needs to be secured (securing the perimeter of your network), every device on the network needs to be individually protected (securing the layers within the perimeter of your network), and a procedure for monitoring, assessment and update of your security needs to be put in place and enacted.

For home office and home computer users, this may sound like overkill until your personal finances on Quicken or the best-selling novel you were half-finished writing disappears. Personal computers still need the basics of security in place. Here's a generic list of what would be needed in a home office consisting of a single computer connected to the internet with a dsl or cablemodem:

  • hardware firewall between cablemodem and PC (with SPI, NAT, and filtering enabled)
  • software firewall installed on the PC with inbound and outbound traffic monitoring
  • active and up-to-date antivirus monitoring software configured to auto-protect 24/7, scan weekly, and scan any disc or storage device inserted (floppy, CD, thumbdrive, etc.)
  • active and up-to-date spyware detection and removal software configured to auto-protect 24/7, scan weekly, and scan any disc or storage device inserted (floppy, CD, thumbdrive, etc.)
  • Safe computing practices (see our sample list here)

Small business computers and home networks with multiple computers need similar capabilities, although some of these capabilities may be covered by a server-based technology.

For any computer, a good password should be required to start it up (we actually like the 'passphrase' more than passwords). If the computer is in an area where anyone other than the specific user can access it, this password protection should be extended to the screensaver, which should be automatically enabled after no more than a few minutes of inactivity (better yet, the user should log off the computer). A passphrase can include spaces, numbers, special characters - anything you can type on the computer keyboard. A handy sentence or quotation is also easier to remember than a cryptic password.

Networks with wireless access also need to secure the wireless portion of the network. Wireless security for older 802.11b devices can be simple: enable 128-bit WEP with a strong (i.e., unguessable key) and disabled SSID broadcast. If WPA is available, use it. We recommend you avoid the use of key generators (usually a passphrase section that automatically generates the hex key used to encrypt data). Instead, generate your own key from a 12-character (for 128-bit encryption) passphrase that's been translated into hex (a handy table for converting is here). Stick with characters that exist on your computer keyboard, and use a password that you have a good chance of remembering. A short saying (for example: "i love 2 eat" -the spaces count with the characters to make 12) is preferable to something more cryptic, as it's easier to remember (keep the translation table handy to re-generate the 128-bit key if you need it).

Check back later as we add information about how you continually monitor, assess and update your computer and network security. This includes testing your security (we like to use the facilities of Gibson Research Corporation, as well as other tools).

Positek.net About Us | Contact Us | Our Policies | Privacy | ©2004 Positek.net LLC