Lock Down! Security Basics for the Home PC User


If you’ve been keeping up to date with my posts, you’ve noticed that I like to talk about keeping your data secure. This post is a continuation of that. Here, I’ll be outlining eight simple steps to keeping your data secure. This is by no means a comprehensive list, nor does it venture into keeping your data safe online, which is an entirely different topic that is expansive enough to warrant its own future post. Instead, I am offering up a foundation on which to start. So, let’s go.

  1. Don’t use an administrator account for your day-to-day operations. I think every computer that has ever been brought to me has been set up this way. It’s really kind of the fault of the operating system vendors. Typically, the first account you set up is an administrator. People normally set up the first account and start using it. This is a problem because the administrator has the rights to do anything on the machine. So, if you have a piece of malware that wants to install itself on your computer and you are an administrator, there is nothing blocking it from installing. If you are running an account that is not an administrator, you’ll have to supply the administrator’s password to install software or make global system changes. While this is less convenient, it makes it harder for ugly software to install itself onto your system without your knowledge. It is also harder to inadvertently make unwanted changes to your computer. So, what do I do? If you are already running on an account with administrator privileges, you simply create a new account with administrative privileges, then modify your account to become a standard user. Once done, installing software will require the administrator account password. To install software under Windows XP when using a non-administrator account, simply right-click on the application and select ‘Run as’. A window will then pop up allowing you to select your administrator account. There are some cases where you will need to actually switch to your administrator account and log in to perform a task, but those are pretty rare and are mostly needed when you are setting up your computer.
  2. Use passwords. Without a password, anyone can sit down at your computer and do whatever they would like. When creating a password, make it a good one. Don’t use ‘bob’. Use something more secure like ‘BobL1nk40’. Notice the use of a ‘1’ instead of an ‘i’. This type of password is very difficult to crack. The combination of capital, lowercase, symbols, and numbers should be standard procedure for you, as should keeping your passwords at least 8 characters long. If you experiment a little bit, you can come up with combinations that are pretty easy to type. As with using a non-administrator account, this will make your life less convenient, but how inconvenient is it to do something like having to fix your credit report after having your identity stolen? These steps can play a part in preventing something like that from happening. Once running as a non-administrator and using secure passwords become a habit, they really do not do much to impede your life. This step should also carry over into your online life. Use solid passwords for everything you do online.
  3. Make sure you have an antivirus / antimalware (spyware, adware, etc.) package and make sure it is up to date. While this is fairly self-explanatory, it needs to be a high priority. For more information, see my earlier post, A Temporary Solution. In addition to having real-time protection, make sure that you set up a scheduled scan at least once per week to catch anything that may have slipped through.
  4. Use a firewall. A firewall is basically a wall between your computer and the Internet. It won’t allow data to flow back and forth except on specified open ports. A port is similar to a gate in the firewall. You allow traffic to flow through specific gates in order to manage traffic in an orderly fashion. There are standard ports for web traffic, email, etc. Windows has a built-in firewall starting with XP. There are other software firewalls available such as ZoneAlarm. If you are using a laptop or netbook, you absolutely will want to be using a software firewall on your machine if you ever take it off of your home network.
  5. Use a router. Routers serve as an additional layer of protection between your computer and the Internet and act as a hardware firewall. Plugging a computer straight into a modem is bad practice. Routers are cheap these days and easy to set up. If you share an Internet connection with more than one device, you already have a router. Even if you only have one device, invest in a router, unless of course you are in that tiny percentage of homes with dial-up.
  6. Keep third party applications up to date.  I just covered this ground in my post Update All the Way, so I’m not going to beat that dead horse other than to say that third party applications such as Flash, Java, and Adobe Reader are subject to vulnerabilities just like Windows, OSX, and Linux.  A third party update tool like PSI can help you keep those up to date.
  7. Keep the operating system up to date. Whether you run Windows, OSX, Linux, or something else, your operating system should be regularly updating as security vulnerabilities and bugs are found. Most people should set updates to automatic. While the updates will break things on rare occasions, the risks associated with not having them updated are much greater.
  8. Online backups.  As with the previous item, I’ve already covered this in Back it Up, I’ll Take it!.  Backing up your data automatically and offsite is the best way to protect your data in the event of hardware failure, theft, or home damage.  There are a lot of options out there for online backups, and some are even free.  Your data is critical.  Don’t risk it.
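
To see where a machine stands on steps 1, 2, 3, 4 and 7, here is a read-only audit script. It is an added example, not part of the original post, and it assumes Windows 10 or 11 with the built-in PowerShell cmdlets and Microsoft Defender (none of which exist on the Windows XP systems mentioned above); the report labels are my own.

```powershell
# Added example: read-only audit of the checklist above (assumes Windows 10/11).
# Run it from your normal, non-elevated session so step 1 describes your daily account.

$report = [ordered]@{}

# Step 1: is the logged-on account in the local Administrators group?
# whoami lists the group by its well-known SID even when UAC has filtered the token.
$isAdmin = [bool]((whoami /groups) -match 'S-1-5-32-544\b')
$report['Daily account is an administrator'] = $isAdmin

# Step 2: enabled local accounts that are allowed to have no password.
$noPassword = Get-LocalUser | Where-Object { $_.Enabled -and -not $_.PasswordRequired }
$report['Enabled accounts not requiring a password'] = ($noPassword.Name -join ', ')

# Step 3: real-time protection and signature age (Microsoft Defender only).
$mp = Get-MpComputerStatus -ErrorAction SilentlyContinue
if ($mp) {
    $report['Defender real-time protection on'] = $mp.RealTimeProtectionEnabled
    $report['Defender signature age (days)']    = $mp.AntivirusSignatureAge
} else {
    $report['Defender'] = 'not available (third-party antivirus or no access)'
}

# Step 4: every firewall profile (Domain, Private, Public) should be enabled.
$off = Get-NetFirewallProfile | Where-Object { $_.Enabled -ne 'True' }
$report['Firewall profiles turned off'] = ($off.Name -join ', ')

# Step 7: most recent update date as reported by Get-HotFix.
$last = Get-HotFix | Where-Object InstalledOn |
    Sort-Object InstalledOn | Select-Object -Last 1
$report['Last OS update installed'] =
    if ($last) { $last.InstalledOn.ToString('yyyy-MM-dd') } else { 'unknown' }

$report.GetEnumerator() | Format-Table Name, Value -AutoSize
```

An empty value for the password and firewall rows is the good outcome; a `True` on the first row means step 1 still needs doing.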

Remember, these are just the foundational elements for protecting your data.  If you don’t have these in place, your other efforts lose a lot of their luster.  By implementing these basic concepts, you can go a long way toward keeping your data yours.
