5-Minute Security Advisor - Essential Security Tools for Home Office Users
|Archived content. No warranty is made as to technical accuracy. Content may contain URLs that were valid when originally published, but now link to sites or pages that no longer exist.|
It used to be true that if you had a computer at home, the biggest risk you faced was losing data due to a fire, hardware failure, or other catastrophe. While those risks are still with us, the blessings of always-on, high-speed Internet connectivity has exposed us to new threats, as well as intensifying some older ones. The good news is that, with the right tools, you can do a great deal to safeguard your home computer against malicious attacks, viruses, and other bad stuff.
Some of these tools come included with various versions of Windows. Others come from third-party vendors, like Symantec, McAfee, and others. It's not necessarily important that you use a particular brand of tool; it's more important that you have the right tools, no matter who makes them.
On This Page
First Things First
First Things First
The best defense is a good offense. From a security standpoint, that means the most valuable thing you can do is take proactive measures to keep your system software up to date—as malicious attackers identify new exploits, you'll need to keep up to date so that your computer is protected.
Action If you're running Windows XP or Windows 2000, go to the Microsoft Baseline Security Advisor page. The MBSA is a web-based application that identifies which security patches you should have and compares that with the patches you do have. Follow the MBSA's recommendations and you'll start out with a solid base configuration.
There are several security tools built right into Windows and Internet Explorer, including Windows Update, the Windows XP Internet Connection Firewall (ICF), and a variety of privacy tools. Learning how to use them will help you get the most security for the least expense.
Okay, technically information resources (websites, books, and articles like this one) may not seem to be tools in the same category with the other items mentioned here. However, they're just as important, because the more you know about security fundamentals, the better-equipped you'll be to make good decisions about the security configuration of your computer.
The Windows XP Expert Zone is the official online community for Microsoft Windows XP enthusiasts. It is loaded with articles published weekly by industry experts all about how to take advantage of Windows XP's features and functionality.
Microsoft has provided a variety of check lists aimed at helping home users identify steps toward securing their home computers.
Along with the best practices check list, Microsoft has provided tips for home users on how to use and enable security and privacy features in some popular Microsoft products.
In engineering parlance, a firewall is a barrier that separates sensitive components from danger. For example, that piece of metal that separates your car's passenger compartment from the engine compartment is technically a firewall. Just like their automotive namesake, a network firewall's job is to keep certain kinds of traffic away from your computer and devices on your network. A well-designed, properly implemented firewall can greatly improve network security and reduce risks.
A network firewall system can include both software, and hardware components. There are a variety of companies providing software firewall solutions for home computers and home networks. In addition to third-party firewalls that you can install, Windows XP comes with an easy to use firewall called the Internet Connection Firewall or ICF for short. Windows XP ICF provides a way to prevent the traffic on the outside network from accessing some or all aspects of your computer.
Remember, ICF will be enabled by default for network connections that you create using the New Connection Wizard, so you don't have to do anything special to get protection for those connections. If you want to tweak things manually, Microsoft TechNet has a variety of articles about Windows XP ICF including one providing step-by-step instructions to enable it. (There's also a knowledge base article that provides a bare-bones guide if that's your preference.)
Action: If you're running Windows XP, turn on ICF on your main Internet connection by following these simple instructions.
The term "virus" is used to describe self-replicating computer programs that propagate themselves between files on a computer, and even between computers. Viruses usually, but not always, the something malicious, like overwrite files or waste your bandwidth by sending copies of themselves to everyone in your address book.
The best way to protect yourself against viruses is not to catch them in the first place. Of course, in practice, this is difficult if not impossible, because to be completely virus-proof, your computer would have to remain isolated, with no external input from the Internet, floppies, CD-ROMs, and so forth. Your next best bet is to use a good-quality commercial anti-virus package. These scanners examine the files, folders, mail messages, and Web pages on your computer, looking for the distinctive patterns of viral code. When the scanner detects something that looks like a virus, it quarantines the suspect object and warns you about what it's found.
Action: If you're using Outlook as your mail client, get and install the Outlook Security Update, which gives you a great deal of protection against email-borne viruses. (Note that this update's functionality is built in to Outlook 2002, which comes as part of Office XP.)
TechNet has a great summary page that is continually updated to reflect newly emergent viruses. While you're reading it, reflect on the fact that most email-carried viruses spread because people do things they shouldn't, like launch attachments from unknown sources.
Strictly speaking, privacy tools don't provide you any additional security against a break-in, viruses, or other types of attacks. They do, however, help safeguard the information on your computer against accidental or intentional disclosure. You should consider what level of privacy you are interested, and then decide what third-party and Microsoft security tools you are interested in using.
For example, let's say you're a doctor. You occasionally keep patient notes, or other material that should remain confidential, on a computer that you use in your home office. You want to those records to remain unreadable to third parties, even if they somehow managed to steal your computer. If you're using Windows 2000 Professional or Windows XP Professional, you can use the Encrypting File System (EFS) to encrypt selected data on your hard disk so that no one except you—or the other users you designate—can read it, even if your computer is stolen.