Basic computer security

There is more to computer security than just installing an anti-virus program and then forgetting about it. We offer some tips on how to secure your computer, and how to try and keep it secure.

The foundation of computer security is layered

Computer security is layered with different components and many different approaches. One can take security to the extreme, and do their best to block out the world at the expense of speed. Others will do nothing, and act like it really doesn't matter, and no matter what they have it under control. At pcmd we take the middle of the road approach by utilizing good basic protections with minimal effect on computer performance, and internet browsing.

Just like computer security everyone has a different opinion on personal privacy. Some like the spot light while others like to hide out in the dark. There is no right or wrong way to look at computer security as long as one implements the most basic protections available. What does most basic protections mean you may ask? Well, for starters using the computer responsibly and surfing the web smartly goes along way. Beyond that we recommend a wireless router that has a built in firewall, and to have some sort of anti-virus program running and keeping it up to date. Some claim to get by with no anti-virus or malware tools, and they may be able too, but as time goes by that approach will become harder and harder.

A screen capture of Windows 10 security settings.

Microsoft Windows 10s built in security has come a come a long way, and can be considered viable protection

Use strong passwords or a password manager

There have been studies on end user passwords, and hacked password lists have shown that most users do not use strong passwords. a large number of end users tend to use the same password for everything. Ask them to change it, and instant frustration, and feelings of anger over their future failure to remember the new password sets in. Passwords are a part of life on the web and strong passwords are more than a good idea, they are a necessity.

Strong passwords that are not used on more than one site are required in order to protect one from random online attacks. So, what is a strong password? A strong password is a password that does not use dictionary words of any kind. This includes any word from any language, including slang. A strong password has a varied input like capitols, numbers, and punctuation. A strong password is also reasonably long, say at least eight or more characters. The longer the password the lower the need for variation. If the password used is twenty characters long a strong password could be all letters of varied capitilization.

PCMD recommends the use of password generators to create the password and the use of password management program programs such as Dashlane which has a password generator built in, or one of the many others to enter the password automatically into the field. Having the password manager enter the information into the field automatically protects one from kayloggers that could potentially record your keystrokes.

By utilizing password management software one can create passwords that meet the maximum length allowed by each individual website which can make it very hard to crack, or take a lifetime to crack. Trying to type a password that is 64 characters long could be a challenge, so really long passwords would need to be reserved for accounts you would never need to manually enter the password. A thief will always go for the easy low hanging fruit, therefore the use of a truly strong password will keep one in a much better position than the person who uses their dog, or cats name for a password.

Corporate hacks make us all vulnerable

It is becoming common for major companies to get hacked, and have the personal data of millions of people released out into the wild. These events leave users with no real protection besides changing their passwords on a regular basis. Changing your password daily will have no value if one is targeted by a crook that knows your Social Security number, your address, and any other required verification information. The criminal can change your password at will, drain your bank account, close your credit cards, the list goes on and on. If a crook can answer the questions they can't be stopped. Careless corporations are going to force the consumer to use very complex means for proof of account ownership. With time privacy will not exist, and all consumer data will be exposed, and available somewhere, and I wonder how will people prove they are the real person? If every secret question answer you have created is on the Internet, how can one secure anything without the use of biometric scans. I assume that someday we will be forced to use biometric scanning devices, but it will be years until they are reliable enough for everyday use, and even then someone will be careless and release the data to the hackers of the world.

Multi-Factor authentication

Multi-factor authentication has been in use for a number of years, and is used by most consumers already in the form of debit or credit cards. In order to use the card one needs the card and the PIN number, now this is not necessarily true with credit cards, however online one needs the three digit card verification code. Computer users can use two-factor authentication or 2FA with USB devices, cell phones, or dedicated devices. The USB device plugs into the computer and when needed generates a one time password allowing the user to log in. USB devices are the most popular, since they are small and affordable, yet they do have compatibility issues. One may not be able to log into all their web sites or they may not be able to use their favorite Internet browser.

Cell phones receive a text message or pop up with a password which the user enters to log in to a web page or an online account, or they simply need to acknowledge the activity on the device allowing them to continue on the computer. Dedicated devices produce a code that at a certain time the code must be entered correctly at that time, or wait and enter a new code. This helps to secure your password from being stolen, but it does not prevent companies from carelessly losing data.

Person using two factor authentication to sign in to account.

Two factor authentication can be used for many websites

Security Hardware

Over the years many different types hardware and tools have become available for people to secure there computers. Businesses have different demands than the consumer does, but most small businesses do not need to spend the extra money acquiring business grade hardware. Business grade hardware is supposedly more resistant to attack, and yet time, and time again companies build weaknesses in to their devices that no one knows about until a security researcher stumbles upon it. These situations are actually goo because the issue can be fixed. The other side of the coin is hackers find these weaknesses, and sell them to the highest bidder, allowing for attacks on companies who have no idea they are vulnerable. Usually the consumer is the one that pays in the form of data breaches.

No matter what all computer should not be directly connected to the internet with just a modem. Connecting the modem to a wireless router that has a firewall is the simplest way to get basic protection. If you must have direct access to the internet a wireless router can be configured to allow a computer to directly access the internet, it is referred to as the DMZ but generally this is not advised.

Program Security Holes

By installing some common and very popular software you are opening the doors to many different problems. Most but not all software manufactures release updates that are in response to security flaws they have become aware of. Sometimes manufactures may never fix them, or it could be years before these problems are fixed, or discovered leaving everyone vulnerable to attack. If you use programs that have an automatic update feature be sure it is running. Therefore, the program will automatically install updates as soon as they come out. As long as you allow them too.

A good example of programs with security flaws is Java. Which seems to need to be updated all the time. The more recent versions of Java will remove the previously installed version(s) automatically, which is nice. However, it only goes so far back, so any versions not automatically uninstalled will need to be uninstalled manually. These older versions can cause odd little troubles, or slow downs that seem to go away once Java is removed.

PCMD recommends you uninstall all older versions of Java unless a particular version is required for either software or hardware support. If you do not know if you require a certain version of Java, odds are good that you do not. Most versions of Java are available for download if you make a mistake and uninstall the wrong version. In fact most users don't need Java or actually use it, manufactures make money including other manufactures software so, end users are left thinking they need to use Java, even though they don't know why.

Another example is Adobe Flash, that is used for many different things from complete websites, banner ads, and simple things like flashing or scrolling text. Over the years Flash has become very controversial, and one big reason is due to Apple not supporting it with their products. Many websites use it to add flare to their sites, and some are fully built upon it, but it is a security risk that must be acknowledged. Due to its popularity viruses and malware writers use it to distribute their payloads, so it is important to keep it up to date. With the advent of HTML5 (Hyper Text Markup Language) Flash will eventually not be used or needed. Until then keep Flash up to date, or uninstall it.

Taskbar notifications

The Windows 7 Taskbar Notifications area very similar to the Windows 8, 8.1, and 10 versions.

On taskbar located at the right bottom corner of your screen is the notifications area. This is where most programs let you know of updates and other things that are happening. It is important not to turn off certain notifications like Windows updates or Java updates. In certain situations where an update can cause issues with the program, then definitely turn automatic updates off.

Malware can and will turn off notifications for you, or malware can take over an applications notification and display a new one that looks very similar. Learn what your product icons look like, so you know if they change. PCMD recommends regularly checking your taskbar for application updates or changes to icon appearance. More often than not when pcmd is called to repair a computer there is a build up of updates. Many people are concerned that they are phonies, and do not install them. However, leaving your computer at risk of attack is just as bad. Keep an eye on the taskbar and do not ignore pop ups, or icon changes.