As newer and more complex security threats emerge, keeping your computer and network secure is an increasingly challenging task. With the Internet transitioning to the Internet of Things (IoT), the threat environment is growing by an order of magnitude. Whereas the Internet brought together a couple of billion devices, the IoT is connecting tens of billions of gadgets.
Few things better illustrate the danger that transformations like the IoT pose to computers than the scale of recent DDoS attacks, such as those by the Mirai botnet, which leveraged the power of unsecured cameras, microwaves, refrigerators and televisions.
Fortunately, you can make your computers and networks more secure if you adhere to the following tips.
1. Upgrade Your OS to 64-bit
However, from a security perspective, the older your technology is, the more vulnerable it is to attack. Windows XP and other 32-bit Microsoft Windows releases may have worked relatively well in the past, but they are now well past their prime. Moving to 64-bit Windows 7 or higher makes it harder for the bad guys to penetrate your system.
2. Drop Office 2003
On home computers and most office computers, Microsoft Office or a similar document management software suite is the application you are likely to use the most. Just as you should upgrade your OS, you should upgrade Microsoft Office, especially if you are running a version as old as Office 2003.
Office 2003 is particularly vulnerable because it relies on a binary file format that can trigger malicious code when you open an infected document. Newer Office versions like Office 2007 and Office 2010 use an XML file format, which isn’t as susceptible to this problem. Office 2010 even has a Protected View that allows you to open potentially risky files like Internet downloads and email attachments in read-only mode.
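As an added example (not part of the original article), the following Python sketch finds documents that are still in the legacy binary format by inspecting file content rather than extension, so they can be converted or opened only in Protected View. The function names and sample data are assumptions made for illustration; the samples are constructed, not real documents.

```python
import io
import os
import zipfile

OLE2_MAGIC = bytes.fromhex("D0CF11E0A1B11AE1")  # Compound File Binary header
ZIP_MAGIC = b"PK\x03\x04"                        # OOXML files are ZIP packages


def classify_office_bytes(data: bytes) -> str:
    """Classify by content, not extension: a renamed .doc is still binary."""
    if data.startswith(OLE2_MAGIC):
        # Other OLE2 containers (e.g. .msi) match too; treat hits as candidates.
        return "legacy-binary"
    if data.startswith(ZIP_MAGIC):
        try:
            with zipfile.ZipFile(io.BytesIO(data)) as zf:
                names = set(zf.namelist())
        except zipfile.BadZipFile:
            return "unknown"
        # Every OOXML package has this manifest at the archive root.
        return "ooxml" if "[Content_Types].xml" in names else "unknown"
    return "unknown"


def find_legacy_documents(root: str) -> list:
    """Walk a directory tree and return paths of legacy binary documents."""
    hits = []
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            path = os.path.join(dirpath, name)
            try:
                with open(path, "rb") as fh:
                    data = fh.read()
            except OSError:
                continue  # unreadable file: skip rather than abort the scan
            if classify_office_bytes(data) == "legacy-binary":
                hits.append(path)
    return sorted(hits)


def make_sample_ooxml() -> bytes:
    """Constructed sample: a minimal ZIP with the OOXML manifest entry."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("[Content_Types].xml", "<Types/>")
        zf.writestr("word/document.xml", "<document/>")
    return buf.getvalue()


SAMPLE_OLE2 = OLE2_MAGIC + b"\x00" * 504  # constructed: header-sized stub
```

Call `find_legacy_documents()` with the folder you want to audit; a file named `.docx` that is reported here is a binary document carrying the wrong extension.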
3. Use Administrator Accounts Sparingly
By default, the first account created on your server or personal computer during or immediately after the installation of the operating system has administrator privileges (on a PC, it may not necessarily be called ‘Administrator’). Some users (and system administrators) continue to rely on this account to perform all activity on that computer. This is risky for two reasons.
First, the unrestricted rights of an administrator account mean an accidental action by the user could have grave consequences (for example, accidentally deleting a critical system folder). Second, an attacker would have unlimited leeway with the system if they hijacked a web session (e.g. on a website with poor SSL certificate management) or tricked the user into downloading malware disguised as an email attachment.
To prevent this, create user accounts with limited rights and only switch to the administrator account when doing things that require it (such as hardware and software installation, or system configuration).
4. Full Disk Encryption on Laptops
Laptops’ portability means they are far more prone to theft than desktop computers. When you lose a laptop, what worries you the most is not how much you spent buying it — chances are you can afford to purchase a new one in the short term. Rather, it’s the sensitive personal and corporate data it contains that’ll be your biggest headache.
Standard password protection mechanisms can provide some measure of security but are fairly useless against a thief with intermediate to expert IT knowledge. A much more effective barrier is full disk encryption (FDE). This ensures that all the information on the stolen laptop, including files and the operating system, becomes unreadable garbage.
Keeping your computer secure means always being one step ahead of fraudsters, hackers and other people trying to break in.