Of all the topics we’re covering, this is probably the largest and most far-reaching issue in the computer world today. Obviously, it overlaps with the internet issues and anti-malware software we discussed in part 3 of this series. And of course, for enterprise users computer networking and security is a HUGE issue. But we’ll limit our discussion today to some tips for individual users or those with small home networks.
First, regarding a broadband connection (cable, satellite, DSL): Although you can connect one computer directly to the cable/satellite/DSL modem, you really should use a router. A router provides a number of advantages, including the ability to let multiple computers share one connection. And, when properly configured, the router also acts as a hardware firewall. Even if you have turned on your software firewall, a hardware firewall is good additional protection. This extra security is worth the small additional cost. (Note that most wireless access points include a built-in router.)
Second, you should set up an Administrator account and at least one User account on your computer. Use the Administrator account to install new software or make other changes to your computer. Use the User account for everything else. In other words, only use the Administrator account when you absolutely need to. This is important because it’s easier for malware to infect your computer when the Administrator account is open, because the Administrator already has permission to make changes. These types of attacks are less successful with the limited access of a User account. However, from the users’ perspective, some operating systems handle this issue better than others. For example, in Windows XP, a User needs to log out and then log back in as an Administrator in order to make changes (typically, to install software). This can become very annoying. With Vista and Windows 7, Microsoft has introduced a feature they call User Account Control (UAC). With these operating systems, if a User needs to install software, a UAC window will pop up and just ask for the Administrator’s password, even when you’re logged on as a user. Just enter this password and the software will install. This is incredibly easier—unless, of course, you don’t have the password, in which case this level of protection is working, and the system is protecting your computer—just as it’s supposed to!
The third thing you should do to improve security is to activate the operating system’s built-in firewall. A computer firewall is a device that blocks unauthorized access while allowing necessary communications. Modern operating systems have built-in software firewalls. These should be turned on. This is typically done by going start/control panel/Windows Firewall.
The fourth thing concerns wireless. ALWAYS turn on encryption on your wireless network. There is good and bad news about the increased range of current wireless systems: The range is much better than earlier systems. That’s good if you want to cover your entire house and yard. But that’s bad because you could interfere with your neighbors’ systems, and if you don’t use encryption, your improved range means more people could eavesdrop on your computer work! The weakest form of encryption is called WEP, but this is currently outdated and should not be used because it is easily “hacked.” Next is WPA, followed by the best home system, WPA2. Be sure to use WPA2 if your system supports it.
Finally, most—if not all—wireless systems let you suppress the SSID (Service Set Identifier) signal. Unless you turn it off, the SSID can be read by anyone within the range of your wireless signal. This means only that they can read the name of your network. But that’s the first step in identifying you—and why allow that if you don’t have to?
There are many, many, additional things to say about computer security. Many are relatively well-known today, such as never enter financial data into a web browser unless you see “https” in the address bar (“s” for secure. They also typically show a padlock symbol, usually in the address bar.) In general, use common sense to protect your on-line identity. I make it a practice never to use my credit card number unless I initiated the transaction AND did my own “navigating” to the site. (If you click on a link, it may take you to a site that looks like a legitimate site, but isn’t.) An eagle-eye might notice a slight change in the URL, but you can generally avoid this entirely if you always enter the URL’s yourself.
That’s it for this installment. Next month: Windows 7…special thoughts for hams, and migrating to a new computer.
Mark Klocksin is the Net Director of the NSRC. He recently took some computer courses and later qualified for the A+ computer industry certification. He is sharing some of his recently-acquired knowledge with his fellow radio amateurs.
© 2011 Klocksin Consulting