While computer security has been important for a number of decades, recent developments in technology and a significant increase in people using technology have made proper information security a critical need for every business.
Twenty years ago, the prevalent viruses were spread through passing around diskettes and primarily caused damage to files and folders on the infected systems. Now, with the widespread adoption of the Internet and the increased use of technology in our daily lives, malware is spread merely by loading a web page or opening a file sent via email. The consequences are drastically worse as well, ranging from stolen passwords and accounts, to having all accessible data encrypted and held for ransom, to unknowing participation in botnets used for illegal activities. Fortunately, there are several precautions we can take to protect ourselves and our livelihoods from those who would do us harm.
The first step is to secure your workstation. The most complex password in the world is meaningless if someone is recording everything you type. A reliable antivirus/antimalware software package is vital, and keeping it up-to-date is imperative.
On the free end of the spectrum, AVG Free tends to get the highest ratings for protection. For paid applications, many of the consumer software packages also have business-specific editions meant to make management of multiple machines easier, without many of the annoying features of the consumer versions (pop-up reminders, upgrade/update notifications, etc.). We use McAfee Endpoint Protection and VirusScan Enterprise for our clients, but packages from Symantec, ESET, Vipre are also highly rated.
Be sure to only run one application, multiple antivirus applications on the same machine will interfere with one another. Also, set when the software checks for updates and runs system scans and make sure that the computer will actually be on during these times!
Another very important step in securing your workstation is to stop logging in as an administrator. Unless your technology environment is complex enough to have an account server, you’re likely logging in to your machine on the account you created when you turned it on for the first time. By design, this account has administrator access, meaning every click you make has the potential to affect the entire computer. To limit the damage you might do inadvertently, create another administrator account with a secure password and convert your account to a standard user account. Now, if you run into some nasty malware that your protection software misses, it should only affect your account and you can use the administrator account to log in and fix the infection.
The next step is to secure your network. This is everything between your computer and your connection to the Internet, typically a router, Wifi and wires. The first thing to do is make sure your Wifi network is password protected. A Wifi network without a password is like an office without any locks on the doors and windows: everything in it is free for the taking by anyone who wants it. Next, log into your router and change the admin account password. A quick Google search will yield the default login for most router brands, making it easy for someone to log in and shut off access to your Internet connection or worse.
Finally, now that your computer and network are more secure, focus on your accounts. These are your logins to email, Facebook, banks, etc. The best practice is to use a secure password and use a different one for each account. A secure password should contain at least 10 characters with capitals, numbers and special characters mixed in. While this is a seemingly impossible task for most of us who sometimes have trouble remembering even one password, there are several ways to accomplish it.
First, use a password manager (not a Post-It in your wallet) like mSecure, PasswordBox or LastPass. These are available for almost every system and mobile device. They store your passwords securely encrypted, unlocking with the one password you’ll really need to remember. Second, pick a base password to use then add something different to it for every account. For example, set a base password of “flap-Jackz27” then add “Amz” for your Amazon account (flap-Jackz27Amz), “eb4y” for your ebay account (flap-Jackz27eb4y), and so on.
There are a number of more complicated and/or costly measures to undertake for more complete security, but these few steps will drastically increase your level of protection from technology’s darker side. QCBN
Ryan Ridge is co-owner and technology development director of a Prescott-based small business called CommunIT. CommunIT is an IT managed services partner serving the non-profit and business sector of the Quad Cities area by strategically and creatively integrating technology to build organizational capacity and achieve both short and long-term business goals. Ridge can be reached at 928-443-8433. For more information about CommunIT, visit www.azcommunit.com
Leave a Reply