Home Computer Security
Businesses have been taking computer security seriously for a long time; home users have not been. The reasons are generally two-fold: cost and expertise.
A typical home user may have the anti-virus program that came with the computer but then not realize that this was a subscription service that ended the first year and has had no real protection since.
The good news is that there are free alternatives out there for the home user that don’t require a technical expert to install and configure. It’s no longer sufficient to simply have an anti-virus program.
You should also have anti-malware and a firewall to protect yourself from modern-day threats.
So, how do you protect yourself from Internet threats at home? Microsoft® has provided a free firewall and free anti-malware/anti-virus tool since Windows XP SP2*.
Windows Firewall is the firewall software and Microsoft Security Essentials (MSE) is the anti-malware/anti-virus product. Windows Firewall is included with Windows and MSE requires a download from the Microsoft® site: http://windows.microsoft.com/en-US/windows/security-essentials-download. As a bare minimum, you should enable and install this software for basic protection.
MSE is a pretty good anti-virus program with a low false-positive rate but for additional protection from malware, you should look at additional software. There are two free programs that I’m aware of for home use that are both quite good.
The first is Malwarebytes Free available from http://www.malwarebytes.org/products/malwarebytes_free/. The second is SpyShelter Personal Free from http://www.spyshelter.com/download.php.
Both of these products also have a premium version for a relatively low lifetime fee which provides more features. If you’re a Comcast® customer, Comcast® is providing you with the Norton Security Suite™ free of charge:
There are many other free anti-virus utilities and free firewall software and even some advanced unified threat management utilities available free of charge if you look for them.
Don’t use cost as an excuse for not being protected. Phishing is one of the most prevalent Internet threats seen in real life and most software won’t protect you from it. Phishing is an attempt at acquiring personal information such as login credentials, credit card details, or simply money via email. It’s considered a type of social engineering.
You’ll get a forged email that looks like it’s from a legitimate source asking you to click on a link, which will take you to a site which may look identical to the original. Before you click on any URL links in an email, hover your mouse over the link and look at the bottom left corner of your browser for what the underlying link actually goes to.
The contents of the URL will usually have a misspelled word, the wrong domain suffix, or simply not be anything like the actual web link. Do not click the link. Simply clicking the link has the potential of infecting your PC, but the larger threat in these cases is that you provide the information thinking that it’s a totally legitimate request.
There are many ways to mitigate security issues, and in addition to including the free firewall/anti-virus/anti-malware products, which will help protect your PC at home, you should also make sure that your operating system and any application software are up-to-date and patched.
Turn on your auto-update feature in Microsoft Windows to keep your OS patched against the latest security threats. A lot of malware that gets on your PC is simply because you knowingly downloaded it. Know what you’re downloading and from where. Don’t automatically click yes on warning dialogs asking for permission to install something if you don’t know for sure that the software is safe.
Don’t just assume a site is safe. Even legitimate sites can have ads that contain a virus or malware. Sometimes your anti-malware software may not have a signature for a specific threat until after your computer is infected. Be particularly wary of sites you’ve never been to before.
The primary benefit of solving the home PC security threat is to mitigate/prevent infection of your PC. The botnets, which are used to attack legitimate businesses generally originate on home PC’s that the owner doesn’t realize is infected. Stolen credit card information and hacked accounts are often the result of infected home PC’s.
Nobody is immune to the security issues of the Internet. You just need to do what you can to mitigate the threat. Install anti-malware/anti-virus/firewall software. Don’t fall for phishing attempts. Keep your software up-to-date. Don’t install unknown software. Don’t visit disreputable sites. Be cautious and use common-sense.
*Windows is a registered trademark of Microsoft Corporation in the United States and other countries.
Editor’s note: Michael Carson is the Sr. Security Engineer at Los Alamos National Bank. He has more than 20 years of experience.
- Look for Money IQ every Wednesday in the Los Alamos Daily Post.