Security Online - Some basic IT hygiene tips
by Fernando de la Cuadra - International Technical Editor, Panda Software
In a previous article dealing with online security prompted many readers with home PCs to ask for advice on how to stay safe and still get the most out of the "information highway".

The first and fundamental step is to install software on the computer that will protect you from any nasty surprises. This software should include a program capable of detecting potentially dangerous activity on the computer as well as warning when a dangerous file tries to enter the system.

It should also be capable of detecting any suspicious file or activity, even if the software has no prior record of this activity. An old enemy is easy to spot, but what about new threats? Reliable software should be able to detect dangerous behavior without needing a previous description of the culprit.

This software should also be able to operate at low levels i.e. when data enters the system, the program should be the first to know it and alert the user when necessary. For example, in the event of an e-mail-borne virus that activates simply when viewed in the Preview Pane (without having to open the message or any attached files), the user should be alerted even before the e-mail program notifies that a new message has been received.

Another essential feature of a reliable program is that it should be independent from the rest of the software on the computer. This means that the protection should be the same regardless of whether browsing the Internet with Microsoft Internet Explorer, Netscape Navigator or Opera, or whether mail is processed through Eudora, Outlook Express or Pegasus.

So what kind of software are we looking at here? We’re talking about antivirus programs. Although you might think that, as the name suggests, these programs only protect against viruses, they are also a fundamental part of protection against all attacks. By preventing even the smallest amount of software from entering your computer, no one will be able to take control of your system to carry out malicious acts, like hackers.

An antivirus doesn’t just simply deal with viruses. As the software is fundamentally designed to root out viruses, it is quite simple to add information to the database to detect Trojans, backdoors, etc. So when an attacker tries to insert a program on a computer, it will be filtered by the antivirus, which will sound the alarm.

Flaws or vulnerabilities in software applications are another cause for concern, as they can make an attacker’s job easier, without them even needing to insert programs or code on the victim’s computer. In these cases there is usually a solution or ‘patch’ available before most users have even realized that a problem exists. All software manufacturers are constantly updating products to protect against possible errors, so it is well worth being aware of these issues and applying the updates where necessary. If in doubt, the manufactures website is usually a reliable source for the latest information and all license holders are entitled to download these updates. So there are good reasons for avoiding pirated software after all!

Speaking of updates, remember that all antiviruses should be updated regularly. How often? Well this really depends on the manufacturer. Each vendor will no doubt recommend updating as soon as a new update is available –logically-, but bear in mind that 15 or so new viruses appear every day, waiting two or three days before updating an antivirus can prove to be an increased risk.

Another practical security measure is the installation of a personal firewall. Firewalls constantly monitor activity across all ports on a computer. It is possible to configure the firewall to keep a specific port closed or to warn when someone is scanning open ports


Most IT pros have seen potentially embarrassing information about their colleagues

More than three-quarters of IT professionals have seen and kept secret potentially embarrassing information about their colleagues, according to new research conducted by AlienVault.

Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.

Daily digest

Receive a daily digest of the latest security news.

Wed, Feb 10th