Protect Your Personal Computer.
If you think that your home computer was safe from outside attacks, think again. Home computers are as susceptible as office computers to online attacks. Here are some extremely important guidelines for home computer owners.
Use the latest version of a good anti-virus software package that allows updating from the Internet.
Use the latest version of the operating system, web browsers and e-mail programs.
Don't open e-mail attachments unless you know the source. Attachments, especially executables (those having .exe extension) can be dangerous.
Confirm the site you are doing business with. Secure yourself against "Web-Spoofing". Do not go to websites from email links.
Create passwords containing at least 8 digits. They should not be dictionary words. They should combine upper and lower case characters.
Use different passwords for different websites.
Send credit card information only to secure sites.
Use a security program that gives you control over "Cookies" that send information back to websites. Letting all cookies in without monitoring them could be risky.
Consult your system support personnel if you work from home.
If you use your broadband access to connect to your employer's network via a Virtual Private Network (VPN) or other means, your employer may have policies or procedures relating to the security of your home network. Be sure to consult with your employer's support personnel, as appropriate.
Use a firewall.
Don't open unknown email attachments.
Before opening any email attachments, be sure you know the source of the attachment. It is not enough that the mail originated from an address you recognize. The Melissa virus spread precisely because it originated from a familiar address. Malicious code might be distributed in amusing or enticing programs.
Be sure your virus definitions are up-to-date.
Save the file to your hard disk.
Scan the file using your antivirus software.
For additional protection, you can disconnect your computer's network connection before opening the file. Following these steps will reduce, but not wholly eliminate, the chance that any malicious code contained in the attachment might spread from your computer to others.
Don't run programs of unknown origin.
Never run a program unless you know it to be authored by a person or company that you trust. Also, don't send programs of unknown origin to your friends or coworkers simply because they are amusing - they might contain a harmful program.
Turn off your computer or disconnect from the network when not in use.
Turn off your computer or disconnect its Ethernet interface when you are not using it. An intruder cannot attack your computer if it is powered off or otherwise completely disconnected from the network.
Disable Java, JavaScript, and ActiveX if possible.
Be aware of the risks involved in the use of "mobile code" such as ActiveX, Java, and JavaScript. A malicious web developer may attach a script to something sent to a web site, such as a URL, an element in a form, or a database inquiry. Later, when the web site responds to you, the malicious script is transferred to your browser.
The most significant impact of this vulnerability can be avoided by disabling all scripting languages. Turning off these options will keep you from being vulnerable to malicious scripts. However, it will limit the interaction you can have with some web sites.
Many legitimate sites use scripts running within the browser to add useful features. Disabling scripting may degrade the functionality of these sites.
Make regular backups of critical data.
Keep a copy of important files on removable media such as ZIP disks or recordable CD-ROM disks (CD-R or CD-RW disks). Use software backup tools if available, and store the backup disks somewhere away from the computer.
Make a boot disk in case your computer is damaged or compromised.
To aid in recovering from a security breach or hard disk failure, create a boot disk on a floppy disk, which will help when recovering a computer after such an event has occurred. Remember, however, you must create this disk before you have a security event.
Friday, May 7, 2010
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment