9 Rules for safe Computing

1. Keep yourself patched. Do your Microsoft and other patches quickly. Security flaws in Java, Adobe flash, Adobe Reader, and Windows are quickly exploited and rapidly patched. That is why you must do your Microsoft Security updates, and run Secunia and deal with its issues when it turns red. You also need to keep your browser(s) updated.

2. Never install a program you have not vetted to know it is safe. That means never respond to an advertisement or email and install a program. Instead of using the advertisement go to the company's website yourself, not by clicking on the ad supposedly from them. Do not install an unknown program because it sounds good. Check the company out. Use WOT. Check with experts. The simplest statement of this rule is from Brian Krebs "if you didn't go looking for it, don't install it."

3. Use it or lose it. If you don't need it, uninstall it.

4. Use extreme caution when going into dark back alleys. Like normal space, cyberspace has a wide Web, and an underweb. The Internet has shopping malls, and back alley tricksters selling authentic Rollingex watches. When you veer off the well beaten paths, exercise vigilance. Use WOT and pay attention to its warnings. Check out the information it provides when going to a new site.

5. Use good passwords. Passwords should be long, at least 20 to 25 characters, and be a mix of characters types. The more random the better, and not repeated. This means that you will need to use a password safe. People sometimes don't think they need good Email passwords, because they don't do private things with their email. But email accounts are used to send confirmations of password resets on other accounts, so controlling your email account, could allow them to reset any password you have for any other account. Never use the same password for multiple websites. I've written a number of articles on passwords and how to make good ones and store them.

6. Maintain current Antivirus software. Antivirus software is good at protecting you from known malware, but not good at detecting new ones, so it is simply one important part of the puzzle.

7. Setup your router properly. That means strong encryption and a good password for wifi, changing the default router password, and turning off upnp, and wps

8. Mobile computers must take extra care. They should use a known good DNS server. I recommend OpenDns, but Google also provides free service. Also, I recommend using a secure vpn service like TunnelBear or Witopia.

9. Encrypt anything on your computer that needs to be kept secret. If your computer is stolen, or accessed by someone untrustworthy, the Windows password provides almost no protection. It can be hacked or reset to blank in just a few minutes. The proprietary encryption tools, like those in Quickbooks, provide almost no protection as well, because they too, can be hacked in just a few minutes. If it needs to be kept secret, make sure it is encrypted properly with a sound, well established, encryption process, not some private hidden, unexplained one. There are many ways to do this, and your password safe hopefully uses one. Besides the password safe, for encrypted files I normally recommend a Truecrypt partition or file.

Date: April 2013

This article is licensed under a Creative Commons Attribution-NoDerivs 3.0 Unported License.

Keeping clients' computers safe and profitable for over 30 years

Home Forms About Current Newsletter subscribe Search All Articles Browse by Category Security Internet Mobile Business Hardware Fun		9 Rules for safe Computing 1. Keep yourself patched. Do your Microsoft and other patches quickly. Security flaws in Java, Adobe flash, Adobe Reader, and Windows are quickly exploited and rapidly patched. That is why you must do your Microsoft Security updates, and run Secunia and deal with its issues when it turns red. You also need to keep your browser(s) updated. 2. Never install a program you have not vetted to know it is safe. That means never respond to an advertisement or email and install a program. Instead of using the advertisement go to the company's website yourself, not by clicking on the ad supposedly from them. Do not install an unknown program because it sounds good. Check the company out. Use WOT. Check with experts. The simplest statement of this rule is from Brian Krebs "if you didn't go looking for it, don't install it." 3. Use it or lose it. If you don't need it, uninstall it. 4. Use extreme caution when going into dark back alleys. Like normal space, cyberspace has a wide Web, and an underweb. The Internet has shopping malls, and back alley tricksters selling authentic Rollingex watches. When you veer off the well beaten paths, exercise vigilance. Use WOT and pay attention to its warnings. Check out the information it provides when going to a new site. 5. Use good passwords. Passwords should be long, at least 20 to 25 characters, and be a mix of characters types. The more random the better, and not repeated. This means that you will need to use a password safe. People sometimes don't think they need good Email passwords, because they don't do private things with their email. But email accounts are used to send confirmations of password resets on other accounts, so controlling your email account, could allow them to reset any password you have for any other account. Never use the same password for multiple websites. I've written a number of articles on passwords and how to make good ones and store them. 6. Maintain current Antivirus software. Antivirus software is good at protecting you from known malware, but not good at detecting new ones, so it is simply one important part of the puzzle. 7. Setup your router properly. That means strong encryption and a good password for wifi, changing the default router password, and turning off upnp, and wps 8. Mobile computers must take extra care. They should use a known good DNS server. I recommend OpenDns, but Google also provides free service. Also, I recommend using a secure vpn service like TunnelBear or Witopia. 9. Encrypt anything on your computer that needs to be kept secret. If your computer is stolen, or accessed by someone untrustworthy, the Windows password provides almost no protection. It can be hacked or reset to blank in just a few minutes. The proprietary encryption tools, like those in Quickbooks, provide almost no protection as well, because they too, can be hacked in just a few minutes. If it needs to be kept secret, make sure it is encrypted properly with a sound, well established, encryption process, not some private hidden, unexplained one. There are many ways to do this, and your password safe hopefully uses one. Besides the password safe, for encrypted files I normally recommend a Truecrypt partition or file. Date: April 2013 This article is licensed under a Creative Commons Attribution-NoDerivs 3.0 Unported License.
		I attempt to provide reliable information, but make no warranty as to the accuracy or safety of these articles. I disclaim all legal responsibility for what following these instructions may do. Follow my advice at your own risk