Search this site
| Written by huddy |
| Tuesday, 15 September 2009 16:26 |
|
Windows Security, Housekeeping and the basic do’s and don’ts
There is never any guarantee of eliminating all threats to your PC. However, you can help reduce the potential risk of threats by keeping vigilant and performing a few simple housekeeping tasks that take very little time and effort.
The Basics do's and don’ts
Passwords
It may seem really obvious but never give out any passwords to anyone. Never write your passwords down where they can found either.
If another person needs to logon your computer, then logon for them. Ask them to turn their head while you do. Make sure you change your password immediately afterwards.
Follow these basic password rules:
1. Never give out your password
2. Change your password on a regular schedule 3. Do not base your password on personal information (your cats name for example) 4. Keep your password to a minimum of 6 to 8 characters 5. Your password should contain a mixture of upper and lower case letters, number and symbols Keep your personal details to yourself
Never give out personal details such as bank account details, telephone numbers. mother's maiden name etc over the internet unless you know the website is of a reputable source and the website is fully secure. This may seem obvious but this is still over looked and many people still do this.
A secure website is normally indicated by a yellow padlock on the bottom right hand of the screen or the literal “Protected” depending on the broweser being used and the version. This basically means that the connection between you and the destination is secure and the information passed is encrypted. If in doubt, contact the people on the website and ask. In my experiance, I tend to avoid buying from e-tailers that have no contact phone number. Of course, this isn't always possible but problem transcations can be a pain to resolve through email or webnote systems.
It’s also important to remember that banks, building societies etc will never request your account details or ask for your PIN by email. If you receive an email requesting such information (Phishing) then don't under any circumstances reply or provide athem with any information they request. Your own bank immediately and tell them.
Cutting the Spam
Spam is unwanted email and is both annoying and a seroius security risk. Unfortunately, you will never get rid of all spam despite best efforts but here are a few things that can help reduce this menace:
1. Don’t give out your email freely. The more you give out your personal email address then the greater risk you’ll receive spam. It’s that simple. Avoid replying to recipients you don’t know becuase once they know it's a valid email address, your on their list as a confirmed hit.
2. Use two email addresses. Sometimes, giving out your email address can’t be avoided. Some information can only be obtained be registering your email address. So keep two email accounts (addresses). Use one for very personal email only and the other for anything that doesn’t matter to you what goes on.
The best email account to use for personal use could be the one that's provided by your Internet Service Provider (ISP). ISPs normally have some excellent first line anti-spam and anti-virus tools by default, so use any functions they provide if they are free. Use your personal email address for friends, family and for online registration for websites you need and use often, like on-line banking or shopping etc.
Set-up a second webmail account, such as google mail (gmail), hotmail etc..These can be used for general usage when you don’t want to give out your personal one. Therefore, it doesn’t matter what spam you receive. Keep this email strictly as webmail i.e. do not setup in outlook. If you start getting too much spam, then hey, just delete the account and set-up a new one.
3. Never open anything you don’t recognise. If it looks suspicious then delete it immediately. Don’t be tempted to open it or download any of its content. If you do, then you are giving permission for the system to accept a possible security threat. On your head be it.
4. Use anti-spam tools if you can. Some ISPs provide anti spam solutions and email security tools that block suspicious incoming email. If they provide such a tool, then use them but be careful, blocking spam isn't quite black and white. You could block genuine emails you want from friends, family or perspective clients, for example. If you are unsure then contact your ISP who should be able to help.
5. Some ISPs and email applications (such as Outlook) provide “black and white” lists to enable you to block and allow incoming email addresses respectively. Spam normally hits a "Junk" box which you can deal with without accidently opening. If they provide such a tool, then use them. If you are unsure then contact your ISP who should be able to help.
Clear desk policy Not your actual desk but the windows desktop however the principle is the same. A cluttered desk is an unworkable desk. Windows loads the deskto into memory so never place files, programs or folders on your desktop otherwise this will start to slow your system down. Keep these in your documents folder. Try and keep your desktop to shortcuts and temporary work-in-progress files only. Delete any files and shortcuts you don’t need (a shortcut is denoted with a fold and arrow in the bottom left corner).
Disabling Anti virus and Firewall Never disable your anti-virus or your firewall software whilst you are connected to the Internet. If you are asked to disable either or both i.e. when installing new applications or games etc, then make sure you “disconnect” your PC from the internet before turning off the anti-virus or Firewall whereever possible. Remember to re-enable them as soon as possible and certainly before reconnecting to the internet.
UAC – Vista/Wiondows 7 users only
User Account Control (UAC) is a new security feature of Windows Vista. UAC enables non-administrators to perform maintenance and common tasks without the need to switch users. It simply prompts for the administrator password to allow permission before continuing. Administrators are also prompted to confirm actions before continuing. This can be a pain but this is a small trade off for the extra security it provides.
UAC is an important feature to Windows Vista and Windows 7 and is activated by default. In Windows Vista, the UAC prompt can be rather intrusive and has lead to people turning it off. Personally, I think this is a bad idea and not rrecommended. Windows has always been critised for it's lack of security features and loop holes so any form of protection isn't a bad thing. However, Microsoft have revised the UAC in Windows 7 making it less intrusive and a superb security feature.
An example of the UAC prompt in Windows Vista:
 UAC also activates many other security related features, including Protection mode in in Internet explorer 7 upwards.Something else to bear in mind if you are thinking of switching it off.
Well that covers the basics. Now you know the do's and don'ts you need to keep your system upto date. There are some simple housekeeping tasks to keepi your system safe and secure.
Weekly schedule
Checking your Security settings
Windows XP, Windows Vista and Windows 7 come with a central reference screen to monitor your system security state. This is called the Windows Secuirity Center.
Once a week, check that your Windows Security Center is in good health ensuring all lights are “green”.
Click Start>Control Panel/Security Center
Hopefully you will see each item in green as shown in the following screen:
 If each item is green, then no further action is required. Proceed to Clean your System If any item is yellow, then this needs your attention at some point.
If any item is red (as shown below), there is a major security threat that needs urgent attention now. Items in Red will advise of the best course of action and will prompt you to fix the problem. Just click the recommended button and follow on screen instructions. The screen below for example, shows that the anti-virus software is out of date, Click on “Update now” to update.
The following screen shows that the Virus Protection update is out of date:
 Checking your Windows update
Your Windows system needs to keep itself upto date with the latest security fixes, drivers, features etc and does so by downloading these updates from Microsoft. Out-of-the-box your system will download and install these updates, called "Hotfixes", automatically so you shouldn't have to do anything. You know when hotfixes are being installed because you are told whenever your machine is being turned off. To make sure you are kept up to date make sure you have an internet connection available.
If your Windows update is “green” in the Windows security panel (see above) then there is nothing to do. However, if the status is anything other than green, check you internet connection is okey, then check manually for updates:
Click Start>Control Panel/Windows Update
Click on the “Check for Updates” on the left hand side.
If there are updates to download or install, you will see a screen like this:
 Just click on install updates. You may be prompted to reboot the PC.
Clean your System
Overtime and browsing the internet, your PC collects PC junk. Temprary internet files, and programs (cookies) that in time eat up valuable resources. These need to be cleaned off regularly.
To do this, I run a free application called CCleaner. If you haven't already got this, then download it from here.
Run the CCleaner program from either the desktop shortcut or from the program list.
You will get the following screen:
 (Selected options may vary depending on version)
Just click on the “Run Cleaner” button.
This will remove any temporary files and possible nasties floating around the system.
Tip – if you are paying for items using paypal, credit, visa or delta cards over the internet or have valuable sign-on information then run the cleaner before and after you have performed your task. This will reduce the risk of intruders obtaining valuable information.
Monthly Schedule
Full Virus Scan
Whatever anti-virus software you use, run a full scan once a month.
I normally install Avast on all machines I build or maintain because its fast, reliable, takes up very little system resources, updates frequently and is totally free. You can download Avast from here. However, never install more than one anti-virus program at the same time thinking you are hedging your bets. This can be totally derimental. If you are using another Anti-virus package and wish to install a replacement then you will need to un-install the old one first.
Non-Avast users will need to consult their manual for instructions but most work on the same basis.
So For Avast users:
Click Start>All Programs>Avast The following “stereo” screen appears:
 First, update Avast by selecting the update button (lightening symbol)
When complete, select all disks/folders you wish to scan by selecting the folder button (folder symbol).
Then start the scan by clicking on the Play button.
This will check every file on your system. Remove any media you have in your CD/DVD drives.
This may take some time - go and make tea!
Depending on your system and the amount of data you have on your system, you should come back to a screen saying "you have no infections". Horra - but if you do, you may get the something like the following screen:
 As it says, don’t panic. Simply click the on the recommend action then follow the on screen instructions then let the scan continue. Avast Anti-virus is resident which means it is constantly checking things coming in and out of your system. If this screen suddenly appears during normal use, take the same action above and run a full scan.
If the virus is stubborn and won’t go away, then you may need to a PC techician.
Spyware Update and Scan
Whatever Spyware application you use, run a full scan once a month.
I normally install Spybot Search and Destroy on all machines I build and maintain unless instructed otherwise for the same reasons as Avast. If you are using another anti-spyware product then you may have to consult their manual for instructions. Most work on the same basis.
For Spybot users:
Click on Start>All Programs>Spybot>Search and destroy. First make sure the Spybot is up to date so click on the “Search for updates” first and follow on screen instructions.
 When Spybot is up to date, then click on the “Search for problems” button as shown below.
This may take some time.  Hopefully, you shouldn’t have any malicious programs but if you do, you may get a screen that looks something like this:
 If this is the case, select all entries and click on the “Fix selected problems” button. A pop up window asks “are you sure you want to remove?”
Click on “Yes” button to continue.
In a few moments, Spybot will notify you that the problem has been fixed.
 Hopefully, this will be the end of the problem. Run Spybot “search for problems” again until it reports no problems.
If the spyware is stubborn and won’t go away, then you may need to call a PC techician.
Yearly Schedule
You need to have your PC serviced yearly. This will include disk checking, disk defragmentation and so on. Basically, its to cjeck that every thing is ok and is permining at its best.
You can read this article to give you some usefull perfomance tweeks and tasks.
However, if yor not comfortable with performing these, then call a PC engineer to perform a PC health check.
Lastly If you have any questions or concerns about your system and it’s security, then don’t be afraid to ask.
Good Luck
|
| Last Updated on Thursday, 17 September 2009 16:30 |