Can You Ever Be Truly Safe and Secure Online?

For years now I have resisted the temptation to get a high-speed Internet
connection for my home. I couldn’t really justify the extra money when my
dial-up connection was more than adequate for my needs.

However, the primary reason that I didn’t get it was simply because I was
concerned about my computer being connected to the Internet all of the time. I
mean, with all of the stories in the news these days about identity theft and
fraud, I didn’t really see the need to take the chance of someone gaining access
to my system and stealing my personal information.

Recently, though, I became involved in a project for my company that requires
me to spend a lot more time online. I also have to review a number of large
documents, which means that my dial-up connection is no longer sufficient. So
now I MUST get a broadband connection.

I understand that there are products that I can purchase that would help
prevent anyone from gaining access to my PC, but I’m still nervous about it. I
discussed the matter with our IT guy and he assured me that everything would be
OK.

He said that most hackers won’t even bother with me and focus mostly on
larger, more recognizable targets. He’s kind of incompetent, though, and I don’t
really respect his opinion in this area. So my question is, is what he’s telling
me true? Will a firewall be enough to protect my PC from attack or is there
anything else I can do to make it more secure? Thank you.

One of the biggest misconceptions is that hackers will target only large
companies. The truth is computers get attacked for a variety of reasons. Some of
these include the following:



  • Snooping: Reading private mail and other personal files.
  • Destroying or corrupting computer data: Making files unusable, or making a
    whole computer unusable.
  • Stealing computer data: Taking credit card numbers, e-mail addresses,
    company information and so on.
  • Stopping computers from functioning properly: Blocking incoming traffic so
    that intended users cannot get access, etc.
  • Misusing computer resources: Sending spam without you knowing it, etc.
  • Pranks: practical jokes, breaking in just because it’s a challenge.

The bottom line: don’t think your network is safe just because you’re not
that important or well-known. Assuming that you aren’t personally targeted,
moderately secure networks usually cause hackers to attack elsewhere. Yet
attacks can come from many different sources and your computer should be
equipped to deal with each of these types of attacks. For example, your network
firewall (like the one built into your router) is your first line of defense.

A hardware firewall shouldn’t be your only defense, though. Your PC should also
have a software firewall installed on it. The hardware firewall protects entry
on to your network; the software one will protect your PC itself. It doesn’t end
there. Many threats, like viruses, trojans and spyware, must also be dealt with.
This is where anti-virus software such as Norton Anti-Virus and good spyware
detection packages such as Ad-Aware and Spybot Search and Destroy come in.

However, software alone can do only so much. You must also implement and
maintain good security practices. Computer criminals depend on you to implement
security casually. However, with a little effort, you can be moderately secure.
Remember, there is no way to anticipate or stop every possible attack on your
system, but there are steps you can take that will minimize your exposure. So
here are a few general security suggestions for making your online experience a
bit safer and more secure. You don’t need to implement every one of these, but
the more you do, the more secure your network will be.



  1. Put a good hardware firewall between your computers and the Internet.
    NETGEAR, D-Link and Linksys each make good and inexpensive routers. Most are
    easily configurable and even provide VPN and wireless capabilities.
  2. Use your router to control access with a MAC (Media Access Control) address
    filter. This limits which systems can gain access to your system by only
    allowing systems you specify to use your network.
  3. Update your operating system and Web browser. For Windows users, install
    “critical updates.” If unsure whether an update applies to your computer, you
    probably should install it.
  4. Run virus protection programs on all computers. Set the scan to examine all
    hard disks and to continuously examine all incoming files. Check for anti-virus
    updates frequently, daily if possible.
  5. Never leave a password at its default value. Passwords should not be simple:
    use characters, numbers and symbols. It’s better not to use names or dates you
    find easy to remember: your birthday, your girlfriend’s name and so on. This is
    an example of a good password: kB!3ccsiiz_8 or 4*4zbmn-BXY
  6. If you have a wireless network, make sure you’re using WEP or WPA encryption.
    As with the password, make sure you’re using a strong encryption key at the
    highest bit level possible, typically 128-bit. If your hardware supports it, I
    would further suggest that you use WPA over WEP. For some information on the
    differences between WPA and WEP you can refer to this recent Q&A column.
  7. Never place your primary PC in your router’s DMZ or
    Demilitarized Zone. A PC at this address is wide open to the world. Unless you
    have a reason to use it, your router’s DMZ feature should be disabled. (By
    default this feature is usually turned off.)
  8. Limit the shared folders on your network (or turn off file sharing
    entirely).
  9. Turn up your Web browser’s security. In Internet Explorer: Go to: Tools
    > Internet Options > Security > Default Level > Security level for
    this zone.
    With Internet selected in the top box, make sure the
    slider is set to at least Medium. Internet pages will display with few
    problems at this level. Setting the slider to High will be most secure,
    but some pages will not display.
  10. Avoid sending personal information over the Internet. Credit cards are a
    particular risk: Use a well-known payment system such as PayPal, or send credit
    card numbers and the expiration date in separate e-mail messages. However, since
    using your credit card online is sort of a way of life for many of us, I would
    suggest that you at the very least limit the number of credit cards you use
    online. Try to use only one for online purchases and give it a low credit line
    ($500-$1000). This way at least the damage is limited.
  11. When browsing, don’t accept software, even with a certificate, unless it’s
    from a company you think is trustworthy.
  12. DO NOT respond to spam. DO NOT answer messages like “Click on this link to
    be removed from our mailing list,” unless it is a company to which you know
    you actually gave your e-mail address.
  13. Running a public server (for example one that hosts games for other people
    to use, or one which serves Web pages for public viewing) causes additional
    security concerns. Never do this using your primary PC. Use a system that can be
    dedicated to the task and never use that system to store any personal
    information. This also applies to applications like mIRC or KaZaA. Try not to
    use these on a system that contains personal information as these could also
    expose you to risk.
  14. Finally, for the truly paranoid, remove your network from the Internet, or
    turn it off altogether, when it’s not being used. While this may be seen as
    extreme, it is also unquestionably extremely secure.

I hope you find this helpful. Good Luck!
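
The password rules in tip 5, written as a check you can run against a candidate password. This is an added example, not part of the original column; the function name, the short list of default passwords and the date patterns are assumptions made for illustration.

```python
import re
import string

# Constructed sample list (assumption): a real check would use the default
# passwords documented for your own router and software.
DEFAULT_PASSWORDS = {"admin", "password", "1234", "default", "guest"}

# Patterns that suggest a date is embedded in the password (assumption).
DATE_PATTERNS = [
    re.compile(r"(19|20)\d{2}"),                        # four-digit year, e.g. 1985
    re.compile(r"\d{1,2}[/\-.]\d{1,2}[/\-.]\d{2,4}"),   # 12/05/85 style dates
]


def password_problems(password, personal_words=()):
    """Return the tip-5 rules this password breaks; an empty list means it passes.

    personal_words holds names the user finds easy to remember (their own,
    a partner's, a pet's) that should not appear inside the password.
    """
    problems = []
    lowered = password.lower()
    if lowered in DEFAULT_PASSWORDS:
        problems.append("default value")
    if not any(c.isalpha() for c in password):
        problems.append("no letters")
    if not any(c.isdigit() for c in password):
        problems.append("no numbers")
    if not any(c in string.punctuation for c in password):
        problems.append("no symbols")
    for word in personal_words:
        if word and word.lower() in lowered:
            problems.append(f"contains personal word: {word}")
    if any(p.search(password) for p in DATE_PATTERNS):
        problems.append("looks like it contains a date")
    return problems


if __name__ == "__main__":
    # The two sample passwords from tip 5 plus constructed weak ones.
    for candidate in ["kB!3ccsiiz_8", "4*4zbmn-BXY", "admin", "Jessica1985!"]:
        print(candidate, password_problems(candidate, personal_words=("Jessica",)))
```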
