General Security Guide2003-02-12 (updated: 2019-06-29) by Philip
Let's start with the basic presumption that no system is completely secure. The only way to secure your system completely is by turning it off, locking it in a safe and throwing away the key... The only way you can completely prevent remote exploits is to disconnect from the network. All Operating Systems have some security flaws, with the more complex OSes having more potential vulnerabilities.
Keeping that in mind, we can come very close to a completely secure level and still maintain a working system by following a few basic principles, described bellow.
1. Don't turn on services you don't need.
Turn access on just for the necessary directories/drives and make it read-only.
2. Use strong passwords - whenever you use passwords, being an online banking interface, network share or even a forum, common sense dictates you should make them hard to guess/crack. Although some of the suggestions below might seem trivial, they are not followed by many users and it might be a huge security risk. Use the following guidelines with passwords:
Use both lower and upper case letters use some non-alphanumeric characters in passwords.
3. Stay current with updates - download and install all available security patches for your OS, as well as new anti-virus definitions, etc. Windows-based computers should have the latest service pack installed. Also check the Windows settings to make sure Updates are turned on (or check for updates periodically).
4. Use the encryption available to you - FTP/SMTP/HTTP and many other protocols widely used on the Internet transmit information in ASCII (clear text). What that means is, all information transferred to/from servers, including your passwords is transmitted in clear text, and is readily available to any network device it passes through to get to its destination. It is always prudent to use the secure variations of those protocols to avoid personal information being transmitted unencryted. Using a VPN service can also help with that.
Multi-Layered Security Approach
1. Hardware Firewall ( and/or optional software firewall)
2. Anti-Virus Software - Viruses, trojan horses and other types of malware have become more common simply because of people's ignorance and PCs being interconnected in a network, communicating with each other much more easily. Some viruses have caused havoc on the Internet, spreading with alarming rates through email or other similar means. Installing a good Anti-virus software (and maintaining virus-definitions current) is a must, or you are bound to become a victim of some virus/trojan horse at some point in time. With Windows 7,8,10, the default Windows Defender anti-virus included with the OS does a fairly good job of keeping the system secure, the software has improved tremendously over the years, and it has low resource utilization unlike some other commercially available anti-virus products that try to take over every aspect of your online experience (including web browsing, email, etc.) I'd recommend sticking with the Microsoft solution, or using one of the leading products that does not slow-down your PC, it is easy and seamless to use. Efficiency and fast response to new threats are the key issues that differentiate some of the leading products.
3. Anti-Malware Software - your every action online could be recorded without your knowledge. Browser hijacks, third-party software that steals passwords, trojans that infect BIOSes, it is all out there.
The issue is often found with third-world countries where people try to make money by stealing user data, showing you a few ads, or even companies paying for, and trying to collect consumer information, demographics, or in some cases personally identifiable information about users. It's most often accomplished through malicious software, browser extensions, or other type of malware usually installed without user knowledge or consent. Collected personal information can be potentially sold, combined with other databases, rehashed by computer algorithms to build up profiles of individual web users, often for direct marketing purposes. It might sound like Sci-Fi to the uninitiated, but it is real, and it is happening every day online. Your privacy is being invaded.
For anti-spyware software solutions, you might want to look up: Malwarebytes Antimalware, Gibson Research OptOut, SpyCop, WinTasks Pro, etc.
Many such anti-spyware programs block advertisements on websites as side-effect of protecting your privacy.... I'd also like to bring up the fact that not all advertising is evil. Many websites, including ours rely on banner advertising as a source of revenue, the bandwidth used in serving you with free information costs money and it is paid for by advertising. Blocking ALL ads just hurts independent websites sponsored by banner advertising.
One should be aware of all the major security threats, especially when connected to a large network, such as the Internet. With all the above precautions in mind, the Internet can be a fun, and a much safer place to explore ;)