8. Firewall/Security Software
You need to have both a firewall and some kind of security program running. If you are inside a corporate network, they are probably handled by your IT department. If you are browsing from home or work in a small business, you may or may not have them in place. Too many homes and small office systems are not running these two vital pieces of software.
The good news is that setting them up on your Windows machine will be easy.
Firewalls prevent people from getting into your machine without your permission. Firewalls can be hardware (such as a router and usually found on corporate networks and sophisticated home networks) or software. If it is software, it is loaded directly on your machine. You can use both in combination.
Here is a straightforward and extensive FAQ from Microsoft about firewalls in a home or small business environment:
If you are running Windows on your home machine (or if your company IT is really bad), you can activate a built in firewall. Here is a page with links explaining how to activate the Windows firewall for XP, Vista and Win7:
Activating a firewall is one of the easiest and most effective security steps you can take.
If you want to use a different firewall than the built in one, feel free, but there is really no downside to activating it. If you are on Mac or Linux, do a search for Mac firewalls or Linux firewalls. Install one if you haven't already.
Note – a firewall protects your computer, not your network. Network security is beyond this article to address. If you run a home network, please take the time to research how to secure it. For example, I have a physical firewall router that sits between my cable modem and the wireless network, and then my wireless network is encrypted. Every machine on my network has a software firewall installed, and is running an anti-malware program.
Security software, usually termed "anti-virus" though it does more than stop viruses, is necessary to intercept and stop malware that is triggered by one of your actions, such as clicking a bad link in an email or going to a web page loaded with malicious code. Every flavor of OS has at least one antivirus and/or security program available for it. This is because any IT professional worth their salt knows there is no such thing as an unhackable system, only one that you don't think has been hacked as of yet.
Anti-virus programs are notorious for being resource hogs, behind the security curve, disruptive to other programs, and the source of mysterious crashes and conflicts. They usually make the news for their failures more than for their successes.
Ang's Personal Opinion: Commercial anti-virus is crapware. Freeware, such as Spybot Search & Destroy or Malwarebytes, works much better. End opinion.
XP, Vista, and Win7 Security
Microsoft has made it mind numbingly simple to defend your system with a free product that works on XP, Vista and Win7. It is called Microsoft Security Essentials (MSE). I have personally been running it on three different systems with no other security software installed since it came out and have zero exploits of any kind. It stopped multiple trojans that tried to set up shop on my computer. Your mileage may vary, but every report on this product that I can dig up presents the same experience I have had – no exploits, no crashes, no interference, minimal system resource use.
If you do not have this on your Windows system, STOP. Go to the link below. Install this software. Accept all default settings. Breathe easier at night.
Installing MSE is another extremely easy and effective ways to secure your system. If you do nothing else on your computer, activate your firewall and install MSE.
This product is not the same as Windows Defender, which is preinstalled on Vista and Win7. It will uninstall or disable Windows Defender. Why is this product not preinstalled if it is so good? I suspect it is to avoid anti-trust lawsuits by commercial anti-virus companies.
If you are running something other than XP, Vista or Win7, you will not be able to use MSE, so you should immediately go check out the other anti-malware products. You may have to do some searching to find a product that will run on your OS, but it is worth every second you spend. Even if you think your system is not susceptible to malware, you want to have real time protection running to block attempts to invade or crash your system. The malware might not be able to set up permanent shop on your computer, but it may be able to be a very obnoxious gate crasher. Use anti-malware to keep them on a short leash.
After you install MSE on Windows or a comparable program on a non-Windows or pre-XP Windows system, you might check out the free anti-malware offerings and see if you would like to install a few other products. Be aware that these kinds of programs often view each other as malware, so keep a close eye on any new install to ensure it plays well with the others. Here is a Wikipedia page that lists a number of anti-malware/virus/spyware programs you should look at and consider installing. (If you have Windows Update running, the Windows Malicious Software Removal Tool is a regular part of system updates.):
Also, be aware of one of the more pernicious malware exploits out there – malware that says it is anti-virus software! These are particularly awful pieces of malware because they attack people who are trying to secure their machines and they exploit the ordinary user's lack of knowledge about anti-malware to take over systems. The worst version of these programs is called "ransom-ware" because it blocks you from using your machine unless you send money to them to unlock your machine. This has been shown to affect Mac as well as Windows systems.
To avoid this kind of malware:
- Never click on any pop-up window that says you are infected with malware. That IS a malware exploit!
- Do not click on links in emails that offer free anti-virus tests, scans, or special offers, even if they look like they are coming from a legitimate company. These may be "phishing" attempts with bad URLs hidden in the email code. Instead, use your browser, type the URL of the legitimate company, and go directly.
- Check this Wikipedia page "Rogue security software" for a partial list of known bogus programs:
In short, most HASA users will be able to turn on a built in firewall and install a very effective anti-malware program within a few minutes. There is no reason not to take these steps.
Once the OS is updated, programs are patched, firewall turned on, and security software in place, it is time to get your user accounts in good shape.