Keep your Home Computer Safe!

January 13, 2009

TrustCC’s blog is intended to provide articles relevant to financial institutions.  Why an article about keeping home computers safe?  It seems a bit more than 20% of our financial institution clients allow remote access to business systems from home.  While this capability is often limited to select personnel, the criteria for allowing remote access is typically never connected to the ability to ensure the “home system” is secure.  So we thought we post a quick one highlighting 5 steps to keep home computers safe.  If you are responsible for managing remote access for your financial institution, you may want to craft a policy that requires those with remote access to comply with these recommendations.

There are many threats to unprotected home (and business) computers.  An article in the New York Times last October highlighted one particular threat.  The articles starts, “In a windowless room on Microsoft’s campus here, T.J. Campana, a cyber-crime investigator, connects an unprotected computer running an early version of Windows XP to the Internet.  In about 30 seconds the computer is ‘owned.’”  The article goes on to describe how automated programs, commonly referred to as Botnets, lurk about the Internet ready to turn unprotected computers into remote control “zombies.”  These “zombies” are then used by the thousands to send malware and commit other cyber-crimes.

Since Microsoft is the leading provider of operating systems, we turned to Microsoft for their tips to protect home systems.  We have also changed a few of their tips based upon our experience.  Here are the steps:

  1. Verify your Firewall:  Every user should install their system behind a firewall hardware device.  Often sold as part router and part firewall, these devices blocked attacks that originate from the Internet.  Common brands are Linksys, Netgear, dLink, and Belkin.  These devices can be purchased at Best Buy, Costco, and online.  Microsoft’s firewall advice is to have either XP or Vista since these products have built in “software firewalls.”  We believe these two approaches are complementary and appropriate.
  2. Get software updates:  Running Microsoft update is absolutely critical.  We cannot over emphasize the importance of updated systems.  We recommend home systems be configured to download updates and notify the user that the update is ready to be installed.  These should be updated within a day or two of release.
  3. Use Anti-virus software.  I have been using Kaspersky for the last two years.  Why Kaspersky?  I am not brand loyal.  I read the CNET review, published every September or October, to see which AV products are effective AND efficient.  I don’t want a product that pops up and interrupts me every minute or two.  I just want it to work.  Kaspersky has been great in 2007 and 2008.
  4. Use anti-spyware software.  I use BitDefender.  It is free, unobtrusive, and effective.  Some of my peers run two or more anti-spyware products.  I think this practice leads to bit-rot (your computer getting slower and slower).  If you try and concurrently run more than one software program for the same purpose you will degrade system performance.
  5. Download and run Microsoft Baseline Security Analyzer (MBSA) every three months.  This free download scans your computer for missing updates, insecure software configuration, weak passwords, and other weaknesses.  All you need to do is the fix the problems that are reported.  It is pretty simple.

I realize that some of the concepts in the post may be a bit technical or foreign, so don’t hesitate to contact the TrustCC team for additional assistance!

– TrustCC


Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

%d bloggers like this: