5 Steps to a Secure Computer

In this post we’ll go over some technologies which every user should use to secure their personal computer. Although following these steps doesn’t guarantee you won’t have security issues with your computer, they do ensure you have the basics covered!

Something to note, and contrary to popular belief: Apple Mac computers are not virus free. They suffer from many of the same attack types as Windows computers and benefit from all the advice below for securing your system.


1) Antivirus

The first, and arguably the most important, piece of protective software on your computer: antivirus targets malicious software and attempts to remove it before it can affect your computer.

  • Set it to automatically update itself regularly.
  • Set up scheduled scanning of your computer weekly.
  • Don’t install software if you’re not 100% sure of its authenticity.

Free Antivirus Software:

Below are a few free antivirus packages which you might find useful; however, only have one running at any one time, or you’ll suffer from system slowness.

2) Firewalls

A firewall is a piece of software installed on your computer that filters and monitors its network (internet) communications. It detects threats that might be attempting to break into your computer, and a good firewall will also monitor applications on your computer that try to reach the internet and verify that this is activity the user intended. This stops viruses and other rogue software from sending your personal details back to their creators or installing more malicious software.

  • Make sure your ‘internal’ firewall is enabled in your computer’s system settings (Apple’s OS X / Microsoft’s Windows).
  • Always read any warning messages from your firewall.
  • Never approve an application or connection you don’t recognize.
  • A firewall should complement a good antivirus package (See Above).
  • Don’t turn off your firewall, unless you’re absolutely sure about what you’re doing.

Free Firewall Software:

The majority of modern computers come with a ‘built-in’ firewall that in many cases meets the simple protection requirements of an average home user. This can be enabled in the operating system’s settings. However, if you would like an increased sense of protection there are other software packages available; many are also free to use, such as:

3) Software Updates

Although simple in theory, keeping your computer’s operating system, installed software, antivirus and so on up to date is something many people fail to do. However, as software becomes out of date, it also becomes less secure. There are many reasons for this, but the basics are that as vulnerabilities (security bugs) are found in software, you need to ‘patch’ or update your system to ensure it is protected.

Keeping your operating system up to date is very simple for the two main modern systems, Microsoft Windows and Apple Mac OS X.

Software installed on your computer system can be a little more complex; it very much depends on what you have installed. Many pieces of software contain a ‘check for updates’ option or an automatic updater. Check the website of the software for help on finding yours. There are some tools which scan your system for what is installed and then recommend what should be updated. A couple of these free tools are FileHippo App Manager and Secunia PSI.

Don’t constantly postpone system or software updates. Let them install shortly after they first start to warn you; the longer you wait, the higher the risk to your system.

4) Regular Backups

Keeping backups is the kind of thing people put off. We like to think that our computer, USB drive or SD card couldn’t possibly fail us. However, this is not the case, and most (if not all) people will have a piece of hardware fail on them at some point or other. Therefore ensuring you have a copy of your data in the form of a backup is very important. It’s also important from a security perspective: if your computer system is infected (or destroyed) by a virus or malicious hacker and you don’t have the ability to recover your data, then the impact to you is far greater than just having your computer fail. Having a recent backup means you can repair your computer and then restore all your data, reducing the impact of the virus or hacker attack.

There are many types of backup solution and many offerings out there which will help you back up and restore data. Some options will be listed later on, but for now let’s go over what a backup actually is.

A backup is not simply a relocation of your data to another place, like moving your pictures off your phone onto your computer. A backup exists only when there are copies or duplicates of the same data in separate locations. Therefore always check that whatever tool or process you use is not simply moving your data, but duplicating it.
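The “duplicate, not move” check above can be automated. The following Python script is an added example, not code from the original post or from any backup product it mentions: it copies a directory tree, then verifies the result by hashing every file and confirming both that the backup holds identical content and that the source still has all of its files. For contrast it also runs a deliberately wrong “backup” that relocates files instead of copying them, so the report shows how a move is caught. The sample files and directory names are constructed for the demonstration.

```python
import hashlib
import shutil
import tempfile
from pathlib import Path


def sha256_of(path: Path) -> str:
    """SHA-256 hex digest of a file's contents, read in 64 KiB chunks."""
    h = hashlib.sha256()
    with path.open("rb") as f:
        for chunk in iter(lambda: f.read(1 << 16), b""):
            h.update(chunk)
    return h.hexdigest()


def snapshot(root: Path) -> dict:
    """Map each file under root (relative path) to its SHA-256 digest."""
    return {
        str(p.relative_to(root)): sha256_of(p)
        for p in sorted(root.rglob("*"))
        if p.is_file()
    }


def backup_tree(src: Path, dst: Path) -> None:
    """A correct backup: copy (never move) every file, preserving layout."""
    for p in src.rglob("*"):
        if p.is_file():
            target = dst / p.relative_to(src)
            target.parent.mkdir(parents=True, exist_ok=True)
            shutil.copy2(p, target)


def move_tree(src: Path, dst: Path) -> None:
    """The mistake the text warns about: relocate instead of duplicate."""
    for p in list(src.rglob("*")):
        if p.is_file():
            target = dst / p.relative_to(src)
            target.parent.mkdir(parents=True, exist_ok=True)
            shutil.move(str(p), str(target))


def verify_backup(src: Path, dst: Path, expected: dict) -> dict:
    """Compare the backup at dst and the live data at src against `expected`,
    the snapshot of src taken before the backup tool ran.

    'ok' is True only when every file is present in the backup with identical
    content AND the source is untouched, i.e. the data now exists in two places.
    """
    backup = snapshot(dst)
    live = snapshot(src)
    missing = [f for f in expected if f not in backup]
    mismatched = [f for f in expected if f in backup and backup[f] != expected[f]]
    source_intact = live == expected
    return {
        "missing_from_backup": missing,
        "mismatched": mismatched,
        "source_intact": source_intact,
        "ok": not missing and not mismatched and source_intact,
    }


def make_sample_data(root: Path) -> None:
    """Constructed sample files standing in for a user's documents."""
    (root / "photos").mkdir(parents=True)
    (root / "photos" / "holiday.jpg").write_bytes(b"\xff\xd8constructed-jpeg-bytes")
    (root / "notes.txt").write_text("shopping list\n")


def demo() -> dict:
    """Run a real duplicate and a faulty move against the same sample data."""
    results = {}
    for name, tool in (("copy", backup_tree), ("move", move_tree)):
        with tempfile.TemporaryDirectory() as tmp:
            src, dst = Path(tmp) / "src", Path(tmp) / "backup"
            make_sample_data(src)
            expected = snapshot(src)  # taken before the tool touches anything
            tool(src, dst)
            results[name] = verify_backup(src, dst, expected)
    return results


if __name__ == "__main__":
    for name, result in demo().items():
        print(f"{name:5} -> ok={result['ok']} source_intact={result['source_intact']}")
```

Running the script reports the copy as ok and the move as not ok with `source_intact` False: the moved files hash correctly in the backup location, so a check that looks only at the destination would pass, which is exactly why the verification also re-hashes the source.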

Cloud-based tools upload or ‘sync’ a copy of your data into the ‘cloud’. In practice a piece of software on your device monitors your local data and uploads it to servers located ‘online’, often in large data centres across the world. Some good offerings in this space are DropBox, OneDrive and Box.

Local tools take a copy of your data and store it on an external drive, USB drive or network storage drive. These allow complete control over your data and mean you don’t need to trust a third party with the maintenance and storage of your backups. However, this approach does mean you’re not protected against theft or destruction of the local drives on which your backups are stored. Software in this space is also common; two vendors are CrashPlan and Backblaze (interestingly, both of these tools also offer cloud-based storage).

Ideally you should use a combination of both local and cloud based backup solutions. For instance I personally use OneDrive for online backups and sync and Crashplan for backing up to an external drive.

5) Parental Controls (Optional)

This step is only really for parents who have young(ish) children. Keeping your child’s online / computer experience safe and secure is a challenge in itself. Fortunately there are several solutions in this area which you should consider.

The 4 big internet providers in the UK – BT, Sky, TalkTalk and Virgin Media – provide their customers with free parental controls which can be activated at any time. You can watch helpful videos on how to enable them here.

On your home computers themselves there are inbuilt controls in both modern versions of Windows and OS X.

There are several additional options which some people find offer great functionality and, in some cases, protection. Two of these are K9 Web Protection and Kidlogger.

I hope you have found some useful information here, please let us know in the comments if you disagree with any of our advice and also if you have any other suggestions which might help!

Note: This was first authored (by myself) for a small blog/project which is now shut down and I wanted to keep the content.


Password Complexity vs. Password Length

It has become far more common these days to hear ‘normal’ people talk about password security; previously it was exclusively IT professionals and enthusiasts who would say things like “you need at least a number and symbol in your password for it to be secure”. Fortunately, we’re moving towards a future where more and more non-technical or home users actually understand the reasons for ensuring a password is strong and hard for another person to guess.

Unfortunately, advice on choosing a secure password is increasingly complex, which leaves people confused or following practices that are less useful than others.

This post will focus on the two main pieces of advice for choosing a secure password, explain why you should choose one or the other (or combine them), and finally give recommendations that are aligned with other best practices, along with a simple, repeatable method for having secure and hard-to-guess passwords every time. So firstly, let’s define what complexity and length mean when discussing passwords.

Complexity:

Passwords are almost always made up of a combination of letters, numbers and symbols. The complexity comes in when you substitute or add combinations of all three to create a hard to guess (and in many cases hard to remember) password.
An example would be taking the name of your favourite book (Data and Goliath), film (Fight Club) and tv show (Grimm) and using just the first letters of each to form something like this: “dagfcg”. Now, this is a completely random and hard to guess (for a human) password. However, it is only 6 characters long and simple for a computer to work out; after all, computers can guess passwords at a rate of millions a minute and would therefore make short work of a password like “dagfcg”.
In this case, some advice would tell you to make it complex and therefore far harder to guess. Take the password and now add a number and a symbol to it. We’ll use the number 5 and the dollar symbol ($). So “dagfcg” becomes “5dagfcg$”. Instantly you have a harder to guess password (for a human or computer), and it’s now 8 characters long, which is at least better than 6! The next technique takes a different approach and favours length over complexity.

Length:

The average password is often between 6-9 characters in length and (hopefully) contains a mix of letters, numbers and symbols. The ‘complex’ method above, in isolation and with short passwords (under 12 characters), actually proves to have limited effectiveness in keeping your accounts and computers secure. Due to the huge scale at which passwords are attacked and guessed by computers these days, it is important that passwords are also long (at least 12 characters).
This presents a problem: while our above example of “dagfcg” was easy to remember (book, film and tv show), we need to add twice as many memorable things to our password method to meet the 12 character minimum. Fortunately, while short passwords should NEVER contain simple words or sequences of numbers (like ‘Batman’ or ‘123456’), longer passwords can have simple words strung together, which actually creates a long and strong password.
Using our above example, “dagfcg” could become something like this: “DataFightGrimm”, which is 14 characters, easy to remember and meets our requirement of being 12 characters or more. A computer could easily guess any of those words in isolation as a password, but together they create a unique and very hard to crack password.

Complexity & Length:

Having a simple long password which is easy to remember is better than the earlier short but complex password. However, to really ensure your password is secure it should incorporate both techniques. So taking what we have learned from each of them we could create a password like this: “5DataFightGrimm$”. This password is now 16 characters long, contains lower and upper case letters, a number and a symbol. This is the ideal type of password, because you can easily recall the primary words (just think, favourite book, film and tv show) and then remember you started it with a number five (5) and ended it with a dollar symbol ($).
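To put numbers behind the complexity-versus-length reasoning above, here is an added Python example (not code from the original post). It sizes the brute-force search space for each of the four passwords the text builds, using the standard character-class model: an attacker who knows only the length and which classes of character appear must try charset_size ** length candidates. It also gives the attacker's best case for a passphrase, where they know it is exactly N dictionary words, to show why words multiply rather than add. The guess rate is an assumption (the text says only “millions a minute”), as is the 20,000-word dictionary size.

```python
import math
import string

# Assumed attacker speed for the time estimates (the text says only
# "millions a minute"); change it to model different hardware.
GUESSES_PER_SECOND = 1_000_000


def charset_size(pw: str) -> int:
    """Size of the smallest standard character set covering every character in pw.

    A brute-force attacker must try every string of the same length drawn from
    this set, so it fixes the base of the search space.
    """
    classes = (string.ascii_lowercase, string.ascii_uppercase,
               string.digits, string.punctuation)
    return sum(len(cls) for cls in classes if any(c in cls for c in pw))


def brute_force_space(pw: str) -> int:
    """Number of candidates an exhaustive search of that charset and length covers."""
    return charset_size(pw) ** len(pw)


def bits(space: int) -> float:
    """Express a search space in bits (log2), the usual unit for comparing strength."""
    return math.log2(space)


def time_to_exhaust(space: int, rate: int = GUESSES_PER_SECOND) -> str:
    """Worst-case time to try the whole space at `rate` guesses per second."""
    seconds = space / rate
    for unit, size in (("years", 365 * 24 * 3600), ("days", 86400),
                       ("hours", 3600), ("minutes", 60)):
        if seconds >= size:
            return f"{seconds / size:,.1f} {unit}"
    return f"{seconds:,.1f} seconds"


def wordlist_space(num_words: int, dictionary_size: int = 20_000) -> int:
    """Attacker's best case for a passphrase: they know it is exactly
    `num_words` words from a dictionary of `dictionary_size` entries (assumed
    size). The space is dictionary_size ** num_words: words multiply, they do
    not add, which is why three common words together are far harder than one."""
    return dictionary_size ** num_words


def report(pw: str) -> dict:
    """Summarise one password under the brute-force model."""
    space = brute_force_space(pw)
    return {
        "password": pw,
        "length": len(pw),
        "charset": charset_size(pw),
        "bits": round(bits(space), 1),
        "time": time_to_exhaust(space),
    }


def rank(passwords) -> list:
    """Order passwords weakest to strongest under the brute-force model."""
    return sorted(passwords, key=brute_force_space)


# The four passwords from the text, in the order the text builds them.
EXAMPLES = ["dagfcg", "5dagfcg$", "DataFightGrimm", "5DataFightGrimm$"]

if __name__ == "__main__":
    for pw in EXAMPLES:
        r = report(pw)
        print(f'{r["password"]:18} len={r["length"]:2} charset={r["charset"]:2} '
              f'bits={r["bits"]:5}  exhaust in {r["time"]}')
    print("three dictionary words, structure known to attacker:",
          round(bits(wordlist_space(3)), 1), "bits")
```

Under this model “dagfcg” (26 lower-case letters, 6 long) is about 28 bits and falls in minutes at a million guesses a second; adding a digit and a symbol (“5dagfcg$”) raises it to about 49 bits; the 14-letter “DataFightGrimm” is about 80 bits even though it uses only letters; and the combined “5DataFightGrimm$” is about 105 bits. The passphrase figure is the attacker's worst case; the `wordlist_space` figure shows the best case when they know the structure, and even then the three words multiply to a far larger space than any one word alone.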

We have now created a great looking password; however, we now have a problem. If we use it on every website and service we have, it increases the risk of one of those websites being compromised and the password being leaked. Now, this ‘shouldn’t’ ever happen, but it does. Whether it’s Evernote or Target, these companies cannot guarantee that the database which contains your complex and long password won’t make its way out onto the internet via some hacker forum. Therefore we need a way to ensure we use a different password for every different website or service we use. With many users having hundreds of online accounts, using the above methods while also maintaining complexity and length would be highly challenging.

Therefore we use a variation technique, which works like this. You take your ‘root’ password, which should be both long and complex (just like our one above), and then add a slight variation for every different account you have. An example for the BBC website would look something like this: “5DataFightGrimm$BBC”, or like this for the service Twitter: “5DataFightGrimm$TWIT”. This ensures that your password will still be easy to remember, as you have one ‘root’ password with slight variations based on the account you’re logging into. All you need to do is say the name of the service or website in your head and you then know the additional letters at the end of your password. You could also place them at the start or in the middle of the password. As long as your method is consistent, you can have hundreds of variations of your password but be able to remember them each time you need them.

Summary:

There are two primary lessons to remember:

  • Length First, Complexity Second:
    Although complexity does boost the security of a password, the length of a password is of greater importance, specifically ensuring the length is 12 or more characters.
  • Use Variation:
    Never use the same password (strong or not) on multiple websites; you don’t know what they are doing with it and don’t know if it is stored safely. Therefore use a variation of your ‘master’ or ‘root’ password on each site by adding letters, acronyms or syllables to the password for each account you need a password for.

Note: This was first authored (by myself) for a small blog/project which is now shut down and I wanted to keep the content.
