Before you begin reading this article, there is something that it is critical to understand. Simply put, there is no such thing as a completely secure web browser or operating system. While any of the major security suites and associated products will greatly reduce your exposure to security risks, they are not silver bullets that will stop everything that may come your way. Any product that claims to eliminate 100 percent of your security risks should be looked at very carefully.
Now that we have the ground rule out of the way, let’s consider security suites and computer security. There are a variety of means by which the security of a computer can be breached. Among the most common threats are crackers, phishing, Trojans, viruses, and worms. Potential security risks can also be introduced through spyware, malware, or email attachments, and something called port scanning.
Dshield.org, a Florida-based non-profit company, provides “platform for users of firewalls to share intrusion information”. What they do is work with software vendors to allow for a common reporting platform of port scanning activity detected by software. Port scanning is when software scans another computer system looking for open ports to connect to. Port scanning is often a prelude to other types of attacks, and is used by many viruses and worms to propagate themselves.
Among the more interesting items reported by DShield is the “survival time”. What this means is how long an unpatched computer will be able to “survive” online before being attacked. Over the course of the past year, the survival time for an unpatched Windows system is approximately 100 minutes. If you have an unpatched Windows system, you can expect it to be attacked in about an hour an a half. Clearly, you need to take matters into your own hands to protect the security of your computer systems.
There are some simple steps you can take to quickly and easily protect your computer.
1. Never run unfamiliar programs on your computer. While it may seem to be common sense, many of the most widely-spread attacks have involved spyware and email attachment worms. The rule is simple: Don’t open the attachment if you don’t recognize the sender.
2. Never allow others to have unmoderated physical access to your computer. If you have sensitive or confidential information on your computer, if you allow others physical access to the system, they may either inadvertently or intentionally breach the security of the computer.
3. Always use strong passwords. Be sure none of your passwords are easy to guess. Many people use the names of pets or children, or anniversaries or birthdays. Given how many passwords seem to be needed, another common mistake is for someone to use the same password for everything from their picture-sharing website to their online brokerage. By using only one password, if one system is compromised, all systems you have access to can be compromised. Also, if you absolutely must write your password down, never leave it attached to the computer. I recently saw the proprietor of a small business peering under her keyboard to login to her computer.
4. Be sure to keep your operating system and all installed applications up to current patch levels. Most security experts share the opinion that almost all network-based security attacks would stop if users kept their computers up to date with patches and current security fixes. Almost all of us forget to do this regularly. New Trojans, worms, and viruses are being distributed and created every day. Almost all of them are trying to exploit newly-discovered weaknesses in operating systems and applications.
5. Backup backup backup! It can’t be said enough that it is vitally important to keep regular backups of any and all important data. Even if your system is kept secure from worms, viruses, and Trojans, it is still vulnerable to fire, theft, flooding, hardware failure, and any number of other things that can destroy your most valuable data. Given the ease and availability of CD and DVD burners, there are no excuses for not keeping your data backed up.
For most people, enabling auto-updates, using safe email practices, and using a password-protected screensaver provides adequate security. If you would rather take some additional measures to improve the security of your computer, you should consider purchasing a comprehensive security suite.
While there are many packages out there, you should start with asking yourself some basic questions: Are you the only user, or are there multiple users? If there are multiple users, are any of them children? Do you need to password-protect individual files, your desktop, or someone’s internet access? How much are you willing to spend? What kind of system are you running?
Once you are able to answer those questions, you can begin to research which of the available security suites is best able to meet your needs. Consumer Reports, ZDNet.com, and PC Magazine are just a few of the very informative websites available that offer information and insight into security suites.
There are many different security suites available today. Be sure to conduct your research carefully to find the one that best meets your needs. Listed below are some of the more popular choices, along with what PC World had to say about them.
1. Symantec Norton Internet Security 2006. Symantec’s suite produced top-tier malware detection and cleanup scores, but it would benefit from a more streamlined interface and fewer pop-up alerts.
2. McAfee Internet Security Suite 2006. The excellent malware detection and cleanup scores of McAfee’s full-featured suite make up for its terrible installation routine.
3. Panda Platinum 2006 Internet Security. Panda has superior heuristics, a top-notch firewall, and speedy on-demand scanning, but its interface needs better organization.
4. F-Secure Internet Security 2006. This suite’s five scanning engines–including one for rootkits–produced excellent malware detection scores but the slowest scan speed.
5. Trend Micro PC-cillin Internet Security 2006. Trend Micro’s interface, speed, and features (including an antiphishing toolbar) were better than its malware detection scores.
Mike Tetreault is an accomplished developer and systems architect. He is also the managing principal of Macrocosmic Technologies