Computer security is the most important aspect of responsible computing and often the least executed. There are a number of parts to security, but I’m going to discuss three areas: Backups, Passwords, and Anti-X.
This is the single most important area especially in a business environment. Your security preparations are only as strong as your most recent USABLE backup. Why do I emphasize the word usable? Because backups aren’t worth anything if they aren’t successful or if the backup includes the infected files. It is important to have a backup rotation that gives you a week or two at least to discover a problem and restore a good file. Backups should be tested periodically by restoring a file or two and then opening those files to make sure they are readable. I have spent hours going through customer backup files only to find that they weren’t able to be restored.
Use strong passwords! I cannot emphasize this enough. Sports teams, people’s names, animals, words with simple number replacements are all VERY easy to hack with something called a dictionary attack. A dictionary attack uses a file that contains common passwords and basic variations to try and log into someone’s account. Let’s say you love the Bengals (sorry for your delusion) and you say, hey, I’ll be clever and make the ‘e’ a 3 and the ‘a’ an @ sign giving you B3ng@ls. Don’t pat yourself on the back too quickly. This is a very common replacement scheme and one that is covered in nearly every dictionary attack. I personally use a program called Keeper Security which can be found here. I love this program. I use a relatively complex password for this program and then I allow the program to generate really complex passwords for all my other sites. The nice thing is that I can access this from any computer via the website and I can also access it on my mobile devices via apps for Apple and Android operating systems. There are browser plug ins for both IE and Chrome that make it easy to use Keeper on the go and save the complex passwords. I highly recommend using something like this for your passwords.
Finally, let’s look at anti-x software. This is used to include the array of anti-virus, anti-malware, anti-spam, etc. software that is available out there. In today’s world, it is imperative that you have some type of decent anti-x software installed. Microsoft, Symantec, TrendMicro, and McAfee all make high quality anti-x products that are suitable for both the home and business user. These software packages will check your device to make sure it doesn’t have any viruses on it at that moment. You can then enable some type of active monitoring that will check files, email, websites, etc. as you are working to try and prevent infection from occurring in the first place. Make sure the virus signatures are set to update at least once a day. I typically set mine to 11pm and 11am (every 12 hours). This helps make sure I’m as up to date as possible. If you hear of a new virus variant coming out, please check one of the vendors websites mentioned here to verify if it is a real issue, or just spam email. If it is a real virus that is new (generally these are referred to as ‘zero day’ viruses the day they are publicized) be extra cautions of anything even remotely suspicious that you get until your anti-x vendor provides updated signatures to handle the zero-day virus.
I hope you find these comments useful and I look forward to hearing your feedback.