What’s the best way to protect your computer’s data? For many consumers, the main message comes down to two words: layered security.
“It’s like with your home,” said Hiep Dang, director of operations for McAfee Labs, based in Santa Clara, Calif. “You want to protect your family and your possessions, so you put a door in front of the house, you have a lock on the door and a deadbolt, and possibly an alarm system.
“Maybe you have a fence around your yard and you live in a gated community. So with all those different layers, it makes it more difficult for the bad guys to get to your possessions inside your home.”
Hiep says you should think of your computer in the same way. That means creating multiple layers around the perimeter of your valuable digital possessions — your documents, your photos, your credit card numbers and your personally identifiable information, including usernames and passwords.
“The more layers of protection, the better,” Dang said.
To that end, you should do the following:
Install an anti-spam filter for email. The spam messages coming into your inbox could contain Trojans, malicious software that would allow criminals to access your personal data and control your laptop without your knowledge.
The anti-spam software scans every email sent to your accounts, shunting bulk emails into a spam folder instead of your inbox and stopping possibly infectious messages.
“Public email services like Gmail, Yahoo, or Hotmail have anti-spam technology to protect you from some of these things coming through,” Dang said. “But sometimes they’ll come through anyway, so there’s no technology to compensate for the lack of human judgment. Bad guys use social engineering trying to entice someone to do something they wouldn’t ordinarily do.”
Dang said if you get an email from someone you don’t know with a message such as, “Hey, check out this video I just uploaded,” don’t click on the link. It could take you to a malicious website, where your browser will instantly download malicious software, infecting your machine.
“So common sense needs to be applied,” Dang said. “If you get an email that you’re not expecting from someone you don’t know, lean on the side of not trusting it. And don’t click on any attachments or links that come with [the email].”
Install Web reputation software. You can’t usually tell whether a link or a website you’re about to visit is malicious or not. McAfee has a free product called SiteAdvisor, a browser plug-in for Internet Explorer and Firefox that gives safety advice about websites before you click on a potentially risky one. It will issue an alert if the site you’re about to visit may be unsafe, and will help you find safer alternatives.
Install anti-virus software and keep it up to date. “Just having software that is even one day old can open your machine up to being vulnerable to a multitude of new threats,” Dang said. “And the bad guys are always evolving and changing their malware so they avoid detection.” Make sure your anti-virus software is up to date with the most recent malware definitions.
Don’t click on “anti-virus” pop-up windows. Those pop-up windows touting security software that show up in your Web browser may look legitimate. After all, isn’t what they ask you to do – install the software, accept updates, or remove unwanted viruses or spyware – exactly what experts recommend? Not exactly.
“They also ask you for your credit card information,” Dang said. “The pop-up says, ‘You have an infection we just discovered on your machine. If you’d like to remove it, put in your credit card number.’ But it’s a ruse.”
If you comply, at best you’ll lose $30 because the bad guys charge your card and you get nothing in return; at worst, they now have your card information and can do whatever they want with it.
Use data loss protection technology. You should use encryption software — there are free tools available — to encrypt your hard drives and USB thumb drives so no one else has access to your data in case you lose your laptop or thumb drive.
Back up critical information. Take precautions against data loss by using a regular backup software program so that all your important information and personal files are safe.
Be sure to password protect your computer. It’ll lock out unauthorized use of your machine. “When you create a password, use a combination of numbers, characters and special characters to make it more difficult for the bad guys to crack your password,” Dang said. “The longer your password, the better.”