3 Steps to Desktop Security
w.02.2007 / r.05.2009
The biggest issue here is not the damage to your computer, but the damage to your business.
If one of your desktops became infected by a keylogger, and the mastermind behind it captured
your employees usernames and passwords, that person could log in and start stealing data -
data like credit card numbers. Anything stored on your network is vulnerable and can be
used to take something from you without permission, or via blackmail. Your computer may
not just "go boom". A Saavy thief would rather you think that everything is fine, so he
can continue stealing what he pleases, for as long as he can.
I will briefly discuss three steps that are important to keeping your computers and data secure.
Desktop Antivirus Software
There are many vendors selling their version of antivirus, accompanied usually by their version of a firewall, anti-spyware, and anti-adware.
I prefer to stick with the larger vendors that sell to thousands of customers, i.e. Microsoft, Symantec, Mcafee, BitDefender and Computer Associates.
In the end, it really does not matter which one of these you choose. Their protection is at about the same level and
each have their pros and cons. Sure, some report may say that one is marginally better than the other, but
then next year, or next month, things change. You'd be hard pressed to truly find an unbiased report anyways.
Long story short, if they are a large vendor, they have too much at risk. It is not worth the time to split hairs
to determine which package was marginally better last year and assume they'll keep it up this year. Besides, you
should not rely on antivirus alone to maintain security.
The single most important factor to consider is the packages ability to *detect* a virus or virus-like activity.
One thing to avoid is software that pops up, telling you it did something every 5 seconds. Security is their job, not
yours - it should not hinder your work. A good program will not ask for your input on benign operations,
but many do this to make you believe it's "doing a good job".
I used to use McAfee religiously, then Onecare, then Bitdefender. Bitdefender's 2009 engine has been problematic for us and our users. In addition,
CA has been showing some bloat on older XP machines, so that led to me doing an out-of-band reevaluation of the market. I was very surprised
at what I found.
Symantec rebuilt their engine recently from the ground up. Norton in the past had a real problem with bloat, speed and annoyance but
in their 2009 antivirus, it is lean and mean. It has score a hair below the gold standard (Avira) and on price point that make it a very attractive
choice. So, to my amazement, I use Symantec Antivirs, and am very happy for now.
Please note that ANY of the above titles (and others) are perfectly fine to use. This is really only one third of your protection anyhow.
Human & Third Party Scanners
Much can be said for an actual human familiar with the PC inspecting your system.
Periodic inspection of your process list is important. The process list
shows everything currently running on the computer. Right click on the
taskbar and choose Task Manager. Click the Processes tab. You can type all
these program names (i.e, foo.exe) into Uniblue (www.liutilities.com) and
get a pretty accurate description of what it is. If you find something that
does not sound right to you, have someone inspect further.
Check your startup configurations - this list includes anything additional that starts up when Windows boots. Click Start, Run and type 'msconfig'.
Click on the tab titled Startup. Do the same thing here and lookup names, or catch a clue from the "path" it is using.
Periodically go through your Add/Remove Programs list in Control Panel. See if any programs got installed without your knowledge.
Download and periodically run Microsoft's Malicious Software Removal Tool
Download and periodcally run Microsoft's
It can detect all rootkits published on www.rootkit.com.
This is a very important part of security. Even if someone cracks into your
network or PC, you can minimize your exposure by assuring the data, to them,
is useless. There is really no other way to accomplish this other than to
use third party encryption programs, the most accepted being PGP.
PGP has a very cool utility called Netshare; we find that it fits into many
small business' workflow. Netshare allows each user to make a PGP key that
is unique to them. This "key" needs a passphrase to operate. A user can
encrypt data on their computer or network storage, and choose other people
to have access to the files. So, Bob in accounting can encrypt his files,
but add Cheryl in accounting and Chris in Payroll to have access by simply
adding them to the list of users for those files.
Each person needs to purchase PGP Netshare, create a Public and Private KEY,
and set their passphrase. Everyone, no matter their position, can share
their keys, so when you want to allow someone access, you simply drag their
key into the "allowed keys" pool. PGP Netshare uses PGP Desktop to
configure, and is very simple and intuitive. PGP Desktop also comes with the
ability to shred files, which permanently makes deleted files unrecoverable.
When in Doubt
Not many people are completely comfortable with PCs and how to upkeep them.
So, when in doubt, ask a professional - like us, or your local computer repair
consultant, and choose wisely