Today, everyone trying to sell you something tells you that you HAVE to have Antivirus protection, email protection, spam protection, runtime protection, Internet protection, page filtering, a “stateful” firewall, port-stealthing, and even built-in obfuscation just to scratch the surface.
While all of this seems like a good thing, especially after a salesman scares you silly with predictions of dire doom; if you took everyone’s advice and put all of these protections in place, your computer would barely be able to do anything at all under the weight of all this bloat running on your computer. Half of the extras included with Antivirus software are nearly worthless anyway.
The problem is, all but a handful of these things aren’t worth a second of your time and actually only attempt to do a single thing: Try to protect you from your own bad decisions.
Let’s face it, our own exploration of the internet in a half-hazard fashion; coupled with clicking on email links combine to cause the vast majority of all successful virus and malware infections and the answers to most of our security problems does not lie with the computer at all, but rather ourselves.
Every time we open an email that promises “80% off [random goodie]” we almost certainly infect our system the moment we click on the link. Every time an add on a website declares they’ve found a “Weird new trick” that will magically evade all car insurance rules, or will make you rich “while you work at home,” you open the door yourself to invite disaster in for a free meal.
Every time you click on a link that you already know is too good to be true, or doesn’t make any sense, or promises more than is reasonable; you become your own worst enemy. The security of your computer and all of the information you keep on it boils down to one simple thing that nobody can sell you, manage for you or install for you: Common sense.
But realistically, more than 30 years of tinkering and 15 years as a professional in the IT field have taught me that if common sense were all that common, we wouldn’t be in this mess, would we? So you need a bit more than just common sense, although that is about 75% of the battle won right there. You only really need to do a few things to your computer in order to keep yourself reasonably safe, even if you have Windows XP.
Keep in mind, these are protective steps, not a replacement for using common sense to avoid getting into trouble to begin with. Taking all five of these steps will make your computer a far safer place from which to run your home business, play your online games, or attend to your finances. No protection can stop a determined hacker, but making yourself more difficult to crack, makes it far less likely anyone’s going to spend the kind of time on you that it would require to get through.
To use an analogy: You don’t lock your front door because you know it will keep the bad guys out, you lock your door because it forces the bad guy to take the time to break it down while you call the police; and if the door doesn’t fly apart at the first couple kicks, chances are much better that the bad guy will move on, or the police will arrive before the door breaks.
How to reinforce your computer’s front door:
Create a user account without admin rights and use that to browse the internet. (a “user” level user account) If you can’t install it, neither can anyone who attempts to gain access to your computer while you use it.
Load the most basic antivirus that proactively scans your files and email. (don’t install the rest of the garbage that comes with it) Avoid the “total protection” products, as most of what they have to sell you is worthless besides the basics.
Download and install Microsoft’s free EMET (Enhanced Mitigation Experience Toolkit) tool and enable all mitigation. EMET reportedly was able to stop all of the latest “zero day” threats (even in Windows XP) that have been in the news recently and is heralded by all top security agencies as the single most effective security tool in existence. EMET is not perfect, but it raises the bar significantly and for the home user, that means a much higher likelihood hackers will consider it a waste of time.
Keep your Windows patches up to date with the auto update Feature. Microsoft releases new patches on Tuesdays so make sure you’ve got the latest updates.
Put a router between you and the internet and make sure all of it’s ports are hidden or stealthed. Yes, hiding your ports actually does help make it more difficult and most home routers hide their ports by default right out of the box.
Do these things; (all of which can be Googled for how-to articles and video demonstrations adnausium in a few minutes each) and you will be as safe or safer than a majority of business offices with stuff people actually want to hack into.
Any technician helping you do these things can get them done in less than an hour if they come prepared; two if they don’t. (That should be a warning to find someone else anyway)
Just my view from the cheap seats…