Lockdown: The InfoSecurity Guide to Securing Your Computer, Part I
This is a two-part series on locking down the computer to provide maximum protection. Even though this guide will sound intrusive, we are talking about reality here. Extreme measures must be taken to protect our computers, especially when we have confidential documentation or do internet banking, which many people do. We all have to use electronic devices at some stage, whether it be for business or personal use.
Hackers are more educated than ever before. The first thing I do in the morning, once I get up, is make myself a coffee and read the RSS feeds, and I almost always come across the headline "data breach at xxx organisation". Sadly, we cannot do much when our details are stolen from organisations. However, I will recommend signing up with smaller businesses that are less likely to be hacked. For example, don't go with a big name bank. Go with a bank that has less publicity.
Today's article will be about the importance of updating your OS and software, and using Antivirus and Malware scanners along with using Sandboxie and EMET to complete your browser security needs.
I see so many people complaining about having to update the OS and software. What people don't understand is how important these updates are. Microsoft has a rating system with "critical" being the highest. To be honest, all Microsoft updates should be applied the minute you get a notification. Microsoft releases updates on the second Tuesday of each month, but it will sometimes break that schedule to release an emergency update. Now once a month isn't too bad. I think in terms of the security patches it applies, it is well worth it.
Now what should you do to make sure you receive updates straight away? I suggest you navigate to: Start Menu -> All Programs -> Windows Update -> Change Settings. Further, I suggest making the following changes: from the drop-down located under "Important updates", select Install updates automatically. Choose to install updates every day and pick a time.
Personally, I choose 3.00 AM so I get the updates first thing in the morning, which means it doesn't interfere with my daily tasks. Ensure you have enabled the following: "Give me recommended updates the same way I receive important updates", "Give me updates for Microsoft Products and check for new optional Microsoft software when I update windows", and "Show me detailed notifications when the Microsoft software is available".
You should only enable "Allow all users to install updates on this computer" if you don't use the Administrator account.
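To confirm the settings above actually took effect, the following added example (not part of the original article) reads them back through the Windows Update Agent COM object `Microsoft.Update.AutoUpdate`. It assumes a Windows 7-era system where the scheduled-install settings apply, and the 3 AM hour is only the author's personal choice.

```powershell
# Added example: audit the Automatic Updates settings recommended in this guide.
# Assumption: Windows 7-era Windows Update Agent, where the schedule values are honoured.
$settings = (New-Object -ComObject Microsoft.Update.AutoUpdate).Settings

# Hour of day (0-23) chosen for installation; 3 matches the author's 3.00 AM.
$wantHour = 3

# Each check pairs a setting from the guide with the value the API should report.
$checks = @(
    @{ Name = 'Install updates automatically'
       Actual = [int]$settings.NotificationLevel;         Want = 4 },        # 4 = scheduled installation
    @{ Name = 'Install every day'
       Actual = [int]$settings.ScheduledInstallationDay;  Want = 0 },        # 0 = every day
    @{ Name = 'Install time (hour)'
       Actual = [int]$settings.ScheduledInstallationTime; Want = $wantHour },
    @{ Name = 'Recommended updates included'
       Actual = [bool]$settings.IncludeRecommendedUpdates; Want = $true }
)

$results = foreach ($c in $checks) {
    New-Object PSObject -Property @{
        Setting = $c.Name
        Actual  = $c.Actual
        Wanted  = $c.Want
        OK      = ($c.Actual -eq $c.Want)
    }
}
$results | Select-Object Setting, Actual, Wanted, OK | Format-Table -AutoSize

# Informational: "Allow all users to install updates on this computer".
"Standard users may install updates: $($settings.NonAdministratorsElevated)"

# ReadOnly is true when the settings are locked, for example by Group Policy.
if ($settings.ReadOnly) { 'Settings are read-only (managed by policy).' }
```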
Now let's talk a little about keeping programs up to date on your OS. There are important programs that should be treated as you would treat an OS update, and then there are less important ones.
Let's explain a little more about the important and the lower priority updates. Popular programs such as Adobe Flash and Java must be treated as high priority updates. These products are so popular that almost every computer in the world has them. There will be many more hackers attempting to exploit (and successfully exploiting) these programs compared to a little piece of software called Everything (a useful program; you should check it out!). That is why some products are more dangerous than others, and why updating them is a high priority.
- I highly recommend not downloading software in the Beta and Alpha stages. Such builds are unstable and will most likely contain many bugs and open holes for hackers to exploit.
It is absolutely crucial to have a virus scanner before you even consider going onto the internet or even plugging a USB stick into the computer. I know this will cause some heat, but I am against using a free antivirus program.
Free programs come and go and they are usually easy targets. Many don't earn enough revenue to even maintain today's standard. I would much rather pay $80 on a yearly basis to keep my computer secure.
Sure, Microsoft might earn big time money and have their own antivirus program. But look how many people are using it! Its customer base is growing and so is the hackers' interest in the software. I use Norton360 and I have never had a problem with the product. Customer support is lacking, however. There are many more antivirus programs out there, such as Trend Micro, F-Secure, McAfee and more.
In addition to having antivirus software, you should also have an on-demand malware scanner. This time I'm going to recommend free software such as Malwarebytes. Antivirus software usually isn't good at catching Malware and that is why it is important to have a product for that as well.
Let's assume your computer is infected. You aren't sure whether it might be a virus or Malware. What is the first step you should take? Disable the internet connection. Why? Because Malware is about collecting data from your system and sending it back to the author, which requires an internet connection. But like I said, you aren't sure whether it is a virus or Malware, so you have to take that step as a precaution.
The next step is to run a full system scan on the computer to see whether the antivirus picks anything up. Let's say it didn't and then you wanted to run a scan with Malwarebytes. What can you do to improve the detection rate? You could rename Malwarebytes to a process that the Malware needs to send its data back to. For example, you could rename it to explorer.exe or 1234.com.
- NEVER use multiple live scanners. Two live antivirus scanners will conflict and fight each other, which will result in system instability. You can, however, use multiple on-demand scanners with a live scanner.
Sandboxie is yet another great internet tool. Basically, it runs programs in an isolated environment, so when you visit an infected website, the infection cannot get onto your operating system. Just close Sandboxie and delete all its contents and the virus will be gone.
Now let's harden some programs such as Java, Firefox and Microsoft Office. For this, we will use the Enhanced Mitigation Experience Toolkit (EMET) from Microsoft. I want you to install it and open up the main page, which will look like this:
Do NOT configure the system. I recommend configuring apps.
- Firefox - Click Add -> Go to Program files (x86 on a 64-bit system) -> Mozilla Firefox -> then click on "firefox.exe".
- Firefox Container - Click Add -> Go to Program files (x86 on a 64-bit system) -> Mozilla Firefox -> then click on "plugin-container.exe".
- Java - Click Add -> Program Files -> Java -> Then select the version (e.g. jre7) -> bin -> java.exe
- Microsoft Word - Program Files -> Microsoft Office -> Office 14 -> WINWORD.EXE
Caught the drift yet? Taking small steps such as the above methods really can improve your computer's overall security.
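The executables in the EMET list above live in different places depending on whether the system is 32-bit or 64-bit and which Java or Office versions are installed. This added example (not from the original article) searches both Program Files folders and prints the full path of each one; the folder names are taken from the list above, and every java.exe it reports belongs to a separate installed JRE that needs its own EMET entry.

```powershell
# Added example: locate the executables this guide tells you to add to EMET.
# Both Program Files roots are searched; on 32-bit Windows the x86 variable is empty.
$roots = @($env:ProgramFiles, ${env:ProgramFiles(x86)}) |
    Where-Object { $_ } | Select-Object -Unique

# App name, folder under Program Files, and executable, as listed in the guide.
$targets = @(
    @{ App = 'Firefox';           SubDir = 'Mozilla Firefox';  Exe = 'firefox.exe' },
    @{ App = 'Firefox Container'; SubDir = 'Mozilla Firefox';  Exe = 'plugin-container.exe' },
    @{ App = 'Java';              SubDir = 'Java';             Exe = 'java.exe' },
    @{ App = 'Microsoft Word';    SubDir = 'Microsoft Office'; Exe = 'WINWORD.EXE' }
)

$report = foreach ($t in $targets) {
    $found = @()
    foreach ($root in $roots) {
        $dir = Join-Path $root $t.SubDir
        if (Test-Path $dir) {
            # Recurse because Java and Office keep the binary in a versioned subfolder.
            $found += Get-ChildItem -Path $dir -Filter $t.Exe -Recurse -ErrorAction SilentlyContinue |
                Where-Object { -not $_.PSIsContainer }
        }
    }
    if ($found.Count -gt 0) {
        foreach ($f in $found) {
            New-Object PSObject -Property @{ App = $t.App; Path = $f.FullName }
        }
    } else {
        # Report missing programs explicitly so nothing is skipped silently.
        New-Object PSObject -Property @{ App = $t.App; Path = '(not installed or not found)' }
    }
}
$report | Select-Object App, Path | Format-Table -AutoSize
```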