|
Date: April
30, 2008
Subject: Security
Software Update
Lately, it
seems as though all we hear about are the new,
"improved" ways in which malicious software can
be delivered to your computer and steal your
personal information. How do you prevent this?
In this month's ELM Bulletin I will cover some
methods which you can use to protect your system
and keep your data safe.
1 -
PRECAUTIONS - As always, we remind
you to be careful of the websites you visit, the
email you open and the software you download and
install. While many spyware suppliers are
relying on automatic delivery methods (see the
section on PROTECTION for help in that area)
most spyware still depends on user activation.
In other words, you or I must do or open
something for the spyware to install. The
following precautions can save you from a world
of grief.
a -
Email - By default, most email
programs show the contents of incoming email
messages. While this is convenient it also
enables automatic activation of any
malicious payload bundled with the message.
We very strongly recommend that you turn off
the preview option for your Inbox and
Deleted Items email folders; as well as any
email folder where dubious email messages
are routed (such as Microsoft Outlook's Junk
E-mail folder). This means that you will
have to double-click a message in order to
read it but it significantly reduces the
risk of being infected by malicious email
that manages to bypass other security
layers. (You should talk to us If you don't
already have multiple layers of security.)
Don't open an email unless you're certain
you can trust its source. Many malicious
emails are in circulation that carry a very
convincing air of authenticity, if you have
any doubts about a message either contact
its presumed author or an IT specialist for
further information.
b -
Peer-to-Peer Networking - Many
computer users today use Peer-to-Peer
software (such as Kazaa or Limewire) to
share files with computer users around the
world. What you may not realize is that such
networks bypass the security protocols of
your office network, providing unrestricted
channels to your system and your corporate
network for anyone who wants to take
advantage of you. It is possible to enable
restrictions so that the average
peer-to-peer user cannot access your private
data but these restrictions will not lock
out most hackers. For home & personal use
Peer-to-Peer networking may be of value
(after all, it's your own computer and data
you are putting at risk), but such networks
should be absolutely banned in the corporate
environment.
c -
Internet Surfing - Although the
Internet is a wonderful resource it has also
been repeatedly referred to as a "Wild
West" type of environment. What with
fraudulent websites, drive-by spyware
deliveries and others, it is very possible
to have spyware installed on your computer
simply by visiting a website through a link
in an email or on someone's recommendation.
In the following section I will list several
programs that will help protect you "out
there," but nothing is more valuable that
plain old common sense. Like the cliché of
the used car salesman, if something on the
Internet seems to-good-to-be-true it most
likely is. Do some rudimentary research
before following a link purporting to be
from your bank and asking for your account
information (most organizations do not
request personal information; either by
email or un-solicited phone call).
2 -
PROTECTION - Sometimes, being
careful is not enough. None of us knows all we
need to know to keep the hackers out of our
system. That is where protection comes in handy.
Internet security suites stand as a barrier
between our ignorance and those who would take
advantage of it. Some very highly recommended
products are listed below. Regardless of which
product you use, you should ensure that you have
the following issues covered in some way:
Antispyware. Antivirus. Firewall.
Internet Security.
Update - In past ELM Bulletins I
have highly recommended both AdAware and
Spybot Search & Destroy. Unfortunately, I
cannot recommend these products any longer.
While Spybot does offer some value, both
Spybot and AdAware have failed to keep up
with the rate at which spyware has been
developed and are no longer able to detect
and/or remove all threats. If you are using
either of the above I recommend instead that
you uninstall them and install one of the
products listed below; all of which offer
live, real-time protection from most modern
threats; something neither AdAware or Spybot
provide.
a -
AVG 8 - AVG has recently updated
their famous anti-virus software from 7.5 to
version 8.0. Available in both paid and free
versions this is my product of choice for
home computers. The free version offers full
protection against viruses and spyware but
does not have the advanced features found in
the paid version. Users of older computers
will be pleased to learn that AVG 8 has
minimal impact on system performance. AVG
anti-virus has consistently been a top
contender in virus detection; now, with
spyware protection, AVG offers even greater
value.
b -
Mail Filtering - Of course, the
simplest way of preventing malicious
software from infecting your computer is to
prevent it from even arriving at the
computer. At its most basic, email filtering
scans incoming email and routes suspected
malicious email to a holding area for
further evaluation. Many methods of
filtering email exist. The most widely
available can be found in email programs
(such as recent versions of Microsoft
Outlook) that move suspect email to a
special junk mail folder. Large
corporations, or organizations dealing in
large volumes of email, may elect to use a
dedicated hardware device instead. These
email appliances stand between the Internet
and internal email accounts and filter all
incoming email with sophisticated
algorithms. Suspect email is flagged and
held, never arriving at the intended
recipient's computer unless released by the
system administrator.
c -
Spyware Doctor - Like AVG, Spyware
Doctor is available in both paid and free
versions. The free version offering the same
level of protection as the paid version but
without its advanced features and
functionality. Where AVG is free for
personal use, Spyware Doctor is free for
both personal and business use. It does have
a greater impact on system performance than
AVG but newer computers will hardly be
affected by it. Spyware Doctor is currently
a top rated performer by most reviewers.
d -
Symantec/Norton Products - Long the
standard against which all other products
were measured, the Symantec line of
protection software remains a top choice for
home and business use. Symantec's Internet
Security Suite is a worthwhile product
offering full and flexible security with
some impact on system performance (more so
in older XP systems). Other product
offerings fill every need from basic, single
computer security to all-encompassing
security on corporate network.
e -
Windows Firewall - Derided by some
and praised by others, the firewall that
comes with the newer versions of Windows is
very useful and offers a reasonable level of
protection at minimal cost (free). Other
firewalls may provide greater flexibility
and functionality, but for basic protection
I have no problem recommending Windows
Firewall. The fact that it minimally affects
system performance is an added advantage
that will be of value to those with lower
powered systems.
As always, please
contact me if you have any questions about this
or any other computer
issue.
Previous issues of the ELM
Bulletin are
available from our website.
You have
received this ELM Bulletin either by request or
because you have given your contact information
to an ELM employee. If you no longer wish to
receive the ELM Bulletin, send us an email with
"Remove Me" in the subject line and we will
remove your address from our distribution list.
|
