This document is aimed mainly at home and/or small office users of Microsoft Windows operating systems.
In response to the many clients that have asked about internet security, we have put together some notes that may be of use. Please be aware that this document is not intended to be definitive in any way, nor do we make any specific recommendations regarding your system security integrity. Doug Miller Web Designs assumes no responsibility for the use or misuse of this document or for the use or misues of software mentioned within this document.
If you are going to spend any time at all on the internet, there are a few fairly sound assumptions you should make:
It's true folks, the internet has become an ugly place. The good news is that there are a wide variety of tools you can use, and precautions that you can take, to keep your data and activities as safe as possible.
Just like defensively driving your car to avoid trouble, you should try to use the internet defensively too, thus avoiding crashes (if not awful puns).
Firstly, you should select a reputable virus protector, such as Norton Antivirus (commercial product) ,or AVG (which is free for non-commercial use at time of writing), and more importantly, you need to keep your virus protector up to date. It is rare indeed to do a daily update of a virus protector and NOT have to download new virus definitions.
There are lots of freeware, shareware and commercial anti-virus products on the market. Use a search engine to find the one that best suits your needs.
Secondly, you should invest the time and effort in learning how to use Anti-Spyware applications, such as Ad-Aware, or Spybot Search & Destroy, both of which are free for home, non-commercial use. There are other anti-spyware applications around. Search for them if you wish.
It really is amazing what these applications can pick up, and Anti-Spyware software should become part of your routine system maintenance activities. Be aware that there are new threats that fall into the spyware category that emerge every single day. The more often you check for updates to these kinds of software packages, the more useful they are.
A particularly nasty kind of spyware is known as "key loggers" which (potentially) record all your keystrokes as you browse the web, and send them either via email, or through the web to a hacker's site, where they may be recorded. Nasty, huh? Keeping your spyware software up to date provides the best protection from this kind of malicious attack.
Thirdly, you should install and learn how to use some kind of personal firewall software. Windows XP, for example, comes with a built in firewall, but it must be enabled for all of your network connections. To be ultra sure, you might consider using a third party software firewall in addition to the one supplied by Microsoft.
Without adequate firewall protection, it is possible for a hacker to gain access to your system, install malicious software on your system, gain access to your personal information, or gain control of your system in some way.
At the time of writing, the Windows XP firewall only protects you from inward bound rogue traffic. You may like to consider the purchase and installation of a third party firewall that protects you from rogue traffic in both directions.
In a related vein... turn off any non-essential services such as Telnet, FTP and Web Servers that may be installed on your machine that you do not use. These services, if improperly configured, may provide handy points of entry to your system for a hacker.
Lastly, you should use the "Windows Update" link supplied with many versions of Microsoft's Windows operating system. Patches and updates occur very frequently to address various security concerns, and (credit where credit is due), Microsoft seems to respond swiftly to perceived security shortcomings, but only if you apply the patches!
Depending on how paranoid you are about all this, you might also consider disabling ActiveX and Java applets in your web browsers. Remember, there will always be a trade-off between how fulfilling and useful your browsing experience will be and how safe your system is.
However blase you are about system security, you should never, ever, under ANY circumstances type your credit card number into a web page that has not been secured with the highest level of encryption. You should consult your browser's help for further information on how to tell if a page has been encrypted. Nor should you ever, under any circumstances, transmit your credit card details via email. That's just asking for trouble. Even if your bank asks you for them via email, telephone your bank first, and ask them if they really asked for these details!
Time taken to safeguard your system and data can be repaid many times over. Just one system failure with data loss, or one bogus credit card transaction, will convice you that it is well worth the time and effort to install the appropriate software, and (and this is just as important!) to learn how to use it effectively.
Microsoft has released some guidelines of their own in safeguarding your PC.
Trust no-one, expect the unexpected :)