Best Practices – Internet Safety for 2008

I recently found this really helpful blog post by a Microsoft MVP – Harry L. Waldron, and I thought I’d post it here for the benefit of my readers. To view the original post, click here.

* Anti-Virus (keep it active and updated)
* Firewall (bi-directional preferred)
* Anti-Spyware
* Spam Filter
* XP users move to IE 7 for better security
* Hosts file (advanced users)
* Anonymizer (advanced users)

* Back up any files you don’t want to lose to CD, DVD, or flash drives
* Apply Windows and Office Updates as soon as possible – Turn Automatic Updates on (use Microsoft update for both environments)
* Update all Software products periodically on your system
* Run virus scans periodically (weekly)
* Run anti-spyware scans periodically
* Clean up your recycle bin, temp areas, etc.
* Use UAC in Vista and prompt warnings in other Operating Systems
* Authenticate and register your version of Windows (including WGA checks)
* Read the EULAs in any software being installed
* Create a protected account (aka limited account in Vista or XP)
* Avoid entering sensitive information or performing e-commerce on a shared public PC in a cafe, hotel lobby, or library
* Avoid P2P File sharing sites for “free” music or videos
* Ensure you are using a trusted website and secure servers for e-commerce
* Use complex passwords of 8 characters or more (at least 1 letter and 1 number, plus 1 upper/lower case — and special characters if desired)
* Change your passwords periodically
* Protect your privacy – Never share your SSN, bank account, credit card, or other sensitive personal information in emails or enter them on websites (unless you are doing so purposefully on a secure server)

* Avoid email attachments where possible
* Avoid clicking on any URLs in email (even to opt out of spam)
* Use plain text mode in email if possible
* Avoid links and files shared in Instant Messaging software
* Never open email from someone you don’t know (line up all spam in your in-box and delete it)
* Avoid taking actions or clicking on URLs in official-looking email from banks, government, etc. (verify by phone or on the primary website)
* Avoid e-cards which are not from a specific person (and check with the sender if you are unsure)
* Never install updates or free security software from an email attachment or URL

* Avoid clicking on banner ads where possible
* Avoid visiting untrusted and inappropriate websites
* Be careful of Internet search results as malware authors are seeding malicious websites with malware
* Complementary browsers (e.g., Firefox, Opera) have good security track records, phishing filters, and other safety measures (e.g., NoScript) that can be used in addition to IE 7 with no conflicts. You can use these as a tool to cross-check questionable sites.
* Completely clean your browser cache regularly of all temporary files, history, cookies, passwords, etc.
* Enhance your browser from automatic processing to prompt warnings where possible (advanced security settings in IE)
* Your computer may be infected with malware when performance deteriorates, browser pop-ups appear, home pages change, firewall warnings are issued, etc.
* When cleaning malware infections, get technical assistance from a technically savvy friend (preferably one who can visit your home) or from experts at a security website
* Find out the name of the malware you are infected with (as you must clean uniquely based on how you are infected)
* A friend owns VirusIntel, which offers a list of free online and command line scanners from many AV vendors
* Free Standalone cleaners may be available to remove some difficult malware agents
* Use SAFE MODE to remove difficult malware
* Change your passwords after an infection in case a backdoor agent transmitted it

* Gain better general knowledge on security through articles, blogs, and security websites
* Stay informed – Follow the latest security developments on what to avoid or how to protect yourself against dangers
* Look for updates in any software you are running and install them promptly, so that you are always on the latest version
* Avoid email hoaxes circulating where you are asked to “pass on a special warning”
* Remember that there are “no free gifts” or “special bargains” for you from strangers on the Internet
* Set up separate user accounts for your children and use Vista’s Parental controls
* Educate your children, family members, and friends
* Use a “Lessons Learned” approach when you make mistakes to avoid them in the future

One comment

  • Too many tips for ordinary users to follow. I think it’s easier to sum them up.
    1. Use a Windows account with limited privileges when surfing the web. No ADMINISTRATOR!
    2. Have antivirus and antispyware from 2 different vendors. Keep both programs updated and scheduled to run weekly scans.
    3. Avoid visiting suspicious websites, especially in the .cn zone.
    4. Do not use IE, neither 6 nor 7. Switch to Firefox or Opera.
    5. Forget about Outlook, install Thunderbird.
    Basically that’s enough to stay 1 step ahead of millions of PC users.
