An Operating System (OS) like Windows comes by default with a reasonable level of security. However as we use the Operating System for a period of time, there could be certain adjustments which we have made that will reduce the security level without our noticing it and these adjustments are basically for the convenience of the user. In general, convenience and security does not work very well together (at least for now).
Therefore, here are five tips that users commonly do to achieve the convenience mentioned and tips on how we can re-adjust to have a better IT security.
#1 – Never forget your antivirus!
We are not living in the 90s where people can still say that they don’t need an antivirus at all (not even for Mac now). That can be true because malware was not well developed to spread quickly and widely at that time. In the 20th century, any USB storage that you insert into your computer has a very high chance of carrying some malicious software. However, being a Windows user has the advantage is that Microsoft provided the Microsoft Security Essentials that appears to be very effective, light and well rated as a basic antivirus. Hence, you can’t say anymore that you don’t need an antivirus since antivirus can come as cheap as free.
Recommendation: Microsoft Security Essentials.
#2 – Update your Windows
The Windows updates regularly fix your Windows vulnerabilities especially security vulnerabilities. This means if you don’t update your Windows, your computer might be vulnerable to certain threats. The purpose of an Operating System patch is to improve the existing system and it should not only improve the security, but (possibly) performance as well. As a result, there is no reason for you not to update your Windows on a regular basis.
Recommendation: Set your Windows to automatically update and install the Windows patches.
#3 – Scan your web browser
The most frequently used item among internet users is the web browser and I believe many do not scan your own web browser for its security. A web browser today comes with a lot of plugins so that the web developers can make use of those plugins to make their website more interactive. However, those plugins might be vulnerable in certain security aspects and you can’t really tell whether it is updated or not even if you run several rounds of Windows update. Therefore, it is necessary to scan your web browser at least once a week or every fortnight to check your plugins vulnerability. Did I mention that it is free as well?
Recommendation: Use Qualys to scan your web browser.
#4 – Never disable the firewall!
Many users who already installed an antivirus will think that they can disable the Windows firewall to get less pop ups. However, you should check that whether your antivirus provides a firewall service or not in the first place. If it does not, then you should not turn your Windows firewall off. A firewall basically prevents any malware from intruding your computer which is why it should be made available all the time. An antivirus can only help you clean up those detected malware, but not so well in preventing. As a result, having a firewall is a must whether you have antivirus or not.
Recommendation: Enable Windows firewall or use third-party firewall software.
#5 – Never use the Administrator account
Common security failure of Windows users is they tend to use the Administrator account regularly. If the Administrator accounts that the user is logging into and being used for regular web browsing, any attacking malware can have a good chance to gain full administrator access on that machine. On top of that, most users even disabled the User Account Control (UAC) to give them a complete step-by-step walkthrough to break into the Operating System security. Do not that this will give the convenience for the malware or Trojan to execute any malicious code without asking for your permission. The rule here is if it is convenient for you to execute something, it is also convenient for the attacker to execute his thing as well and disabling the UAC is never an option.
Recommendations: Use a Standard Windows account and enable the UAC.
My name is Alan Tay and I am the author of IT Security Column, a blog that features on IT security news, tips and tricks and also security product reviews. If you are interested to learn more about IT security, do pay my blog a visit and subscribe to it by email to get the latest cool stuff about IT security.