Security Tip April
Regardless of the operating system, whether Windows or Mac, computers are inherently secure, and only become insecure when people turn them on and start interacting with them. Installing programs and connecting to the Internet are the two riskiest things that can be done to expose the vulnerabilities that may exist – ironically, those are the very two things that people first do with a new computer. Since the safest computer, one that is disconnected from the Internet and/or off, isn’t very useful, there are some behaviors need can be adopted to lessen the risk.
To begin with, control what you type in to any web page and send out on the Internet. Don’t put your address, phone number, email address, etc, in a form unless you need to and can’t avoid it. Avoiding saving all your passwords in a single file on your desktop, and set a password for logging on to your system and on your screen saver if your computer is ever available to other people. These may seem like inconveniences, but they are less inconvenient than the potential risks.
Since the majority of risk comes from what the computer user does, the majority of risks depend on fooling the user to do something they didn’t intend. Viruses are often sent by email, sometimes at a rate of greater than 10% of a user’s mail, posing as innocent pictures or other email attachments, trying to tempt the receiver into clicking on the attachment, and thus infecting their system. Once infected, the computer could either be sickened so that it crashes, bugged so that it passes personal information back to an unknown source, opened so that it can be taken over as a remote drone or zombie, and even begin infecting other computers. Clearly, this is not a fun game to play. As a general rule of thumb, never click on an email attachment unless you are 100% aware of the contents and were expecting that file to be sent to you – if you need to, confirm the contents with a phone call, as oftentimes, it can be faster to reinstall the operating system rather than deal with trying to remove the tendrils of multiple virus infections.
Phishing, like a virus, is an act committed via email, however, in this case, it is an email attempting to fool the recipient into handing out confidential information. Official looking emails can be sent masquerading as a user’s bank or more generic sites like Paypal or eBay asking the recipient to “confirm billing information” or to “verify your account”. This social engineering technique is used in an attempt to get the recipient’s credit card number or account passwords, and then to make purchases charged to the recipient. To avoid being phished, never provide personal information in a response to an email, and make it a habit to follow up with a phone call to the source to confirm the validity of any request. Often, simply by opening a new web browser and manually typing in the company’s proper website is enough to bypass most foul attempts at phishing, since users are often misdirected to seemingly innocent, and nearly identical copies of these sites.
Even if you are a well educated and protected computer user, you can’t guarantee that anyone who uses your computer will be, so it is always smart to limit any potential damage a mistake could cause and install a few protective applications. There are dozens of reputable virus scanning software applications, and any one of them will catch the majority of problems, but also consider installing adware detection software. Some legitimate programs are paid in part via the ad revenue generated with a few extra popups on the desktops of users all over – installing software to kill that software will not only speed up your computer, but it will remove that Trojan horse, an application that seems innocent but hides an ulterior motive, and make your web browsing much more pleasant.
The vast majority of viruses and Trojan applications are unfortunately written for the Windows platform of computers, owing to the dominance of those PCs in the market. As a result, there are very few viruses written to infect Mac OSX or Linux – that doesn’t mean that users of those systems have to stop being concerned, just that the opportunity for malware or virus infections is much, much reduced. Regardless of the operating system, you should have a backup of any critical files, a task made much easier with CD-R and CD-RW drives – your image folders, resumes and other important personal records can be turned into a hard copy that will survive even if your hard drive doesn’t. There are more advanced backup management software options, however, they are beyond the needs of most average home users.
Don’t let the protective mindset stop at your computer – handheld computers called personal data assistants, or PDAs, are also susceptible to some of the same risks. Whoever finds your PDA if you lose it can steal your life, so make sure you take some precautions. PDAs, can be set to prompt for a password when turned on, which protects what is stored on the unit to a fair degree, since without the password, the only easy alternative is to reset the system from scratch, which deletes any personal content. There are also applications which can be used to encrypt passwords and financial information, like bank account numbers, so that sensitive information is kept even more safely.