You see it in the news again and again: Identity theft, corporate data stolen, private information falling into the wrong hands...
But these kinds of problems are almost all preventable. With the five simple steps outlined here, you can make just about any PC -- in the corporate world or at home -- secure from online attacks and data theft. Some of these steps may seem familiar; and that's a good thing if they do, because it means you're up to speed on the essentials. But even experts sometimes miss a step, so having a checklist or guide like this can be handy.
Plus, we've assembled dozens of live links for you, giving you nearly instant access to the many tools and informational resources we discuss.
Let's get started!
Close The Holes
All software -- bar none -- contains bugs, errors, omissions, and security holes. No brand or vendor or source is immune. Therefore, obtaining and applying security patches as they become available must be a top priority in keeping your PC safe and secure. Most vendors offer automated or semi-automated tools to help stay current. The most obvious and popular are Microsoft's Windows Update and Office Update. Most vendor Web sites also offer index pages or catalogs of all updates released to date, letting you zero in on any you may have missed previously. For example, Microsoft offers a "Security Updates" meta page. Whatever software you use, start the year off right by ensuring you're 100% up to date with all essential patches, updates, and bug fixes.
Just about everyone now realizes the necessity of some kind of firewall to block malicious attacks or connections from external sources. And just about everyone has access to at least a basic desktop firewall, such as the simple one built into XP.
But there's still confusion and misinformation about the necessity of a desktop firewall if a given PC is already protected by a hardware firewall or the actions of a router, NAT, or similar devices. While those separate devices are excellent against external intrusion, most are all but useless against "phone home" exploits and similar "attacks from within" used by some malicious software ("malware"): These malicious outbound connections originate inside a given PC, and so are automatically allowed by most external defenses.
In sharp contrast, the better desktop firewalls block or flag all outbound connections at first activation, letting you prevent "phone home" and similar covert outbound connections before they start. So: Use a desktop firewall, even if your PC is also protected by a separate external firewall.
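The difference between the two views can be shown in a few lines. This is an added example, not code from any firewall product: the events, program paths, addresses, approved list, and the "prompt on first attempt, block repeats until answered" policy are all constructed assumptions.

```python
import ipaddress

LAN = ipaddress.ip_network("192.168.1.0/24")  # assumed internal network

# Constructed sample events: (program, source IP, destination IP, port).
EVENTS = [
    (r"C:\Program Files\Mail\mail.exe", "192.168.1.20", "203.0.113.10", 993),
    (r"C:\Program Files\Browser\browser.exe", "192.168.1.20", "198.51.100.7", 443),
    (r"C:\Users\pat\AppData\Local\Temp\upd8.exe", "192.168.1.20", "192.0.2.55", 443),
    (r"C:\PROGRAM FILES\Browser\browser.exe", "192.168.1.20", "198.51.100.9", 443),
    (r"C:\Users\pat\AppData\Local\Temp\upd8.exe", "192.168.1.20", "192.0.2.55", 8080),
]

# Programs the user has already approved (assumed rule set, lower-cased).
APPROVED = {
    r"c:\program files\mail\mail.exe",
    r"c:\program files\browser\browser.exe",
}


def perimeter_verdict(src_ip):
    """Router/NAT view: no program name, only that the flow starts inside."""
    return "allow" if ipaddress.ip_address(src_ip) in LAN else "drop"


def desktop_verdicts(events, approved):
    """Host view: decide per program; hold the first attempt, block repeats."""
    pending = set()   # unapproved programs already flagged to the user
    verdicts = []
    for program, _src, _dst, _port in events:
        key = program.lower()          # Windows paths are case-insensitive
        if key in approved:
            verdicts.append("allow")
        elif key not in pending:
            pending.add(key)
            verdicts.append("prompt")  # first activation: ask the user
        else:
            verdicts.append("block")   # still undecided: keep it closed
    return verdicts


if __name__ == "__main__":
    host = desktop_verdicts(EVENTS, APPROVED)
    for (program, src, dst, port), verdict in zip(EVENTS, host):
        print(f"{perimeter_verdict(src):5} {verdict:6} {dst}:{port} {program}")
```

Every event passes the perimeter check because it starts inside the LAN; only the per-program host rule separates the unapproved executable from the mail client and browser.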
You can see which firewalls are rated most highly by your fellow users in "Readers Rate Desktop Firewalls". And there's lots more information available in "How Much Protection Is Enough?"; "Norton Antivirus And The Single-Layer Defense Fallacy"; and "Four Myths of Online Security."
While "closing the holes" and "blocking intruders" will go a long way to securing a PC, there still are several vectors by which hostile software can make it into your PC, especially through infection from trusted sources, such as from co-workers' PCs or other PCs on your LAN. For this reason, and as part of good basic digital hygiene, every PC needs effective, current antivirus protection.
There are many options, but my current top pick is NOD32, a relatively lightweight (non-resource-hogging) utility with an innovative way of securing E-mail without the clumsiness of proxy-based approaches, and with outstanding heuristics that make the tool unusually resistant even to new and as-yet unidentified viral threats.
There are also many free antivirus tools and services available, so there's really no reason for any PC to run unprotected.