It’s hard to make a complete list of all the little tips and best practices geeks follow every day. This is an attempt at listing some of the most important security practices that you should swear by.
Now, this isn’t extremely common — but it does happen. An antivirus is an important layer of protection, as it will help protect you even in the face of such vulnerabilities.
Leave UAC Enabled
Leave the Firewall Enabled and Configure It Correctly
Windows has a built-in firewall, so you don’t need to install a third-party firewall. However, you should leave the built-in firewall enabled. The firewall blocks unsolicited incoming connections, protecting Windows and the other software on your computer from malware that exploits unpatched vulnerabilities in system services that listen on the network. Exploiting such services is how worms like Blaster spread so quickly in the early days of Windows XP, and the firewall is why such worms can’t spread as quickly anymore.
You should also configure your firewall correctly — when it pops up and asks you whether you’re on a Home, Work, or Public network, choose the appropriate answer. If you select the Home option when you’re connecting to Wi-Fi at a coffee shop, your laptop may make your shared Windows files available to other people on the coffee shop’s network. The Public option prevents other people from accessing shared resources.
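The two checks described above (firewall left on, network location chosen correctly) can be audited from PowerShell. This is an added example, not part of the original article; the function name `Get-FirewallAudit` is hypothetical, and it assumes Windows 8 or later, where the Home/Work choice appears as the `Private` network category.

```powershell
# Added example: report firewall state per profile and the category of each
# connected network. Get-FirewallAudit is a hypothetical helper name.
function Get-FirewallAudit {
    # 1. Each firewall profile (Domain, Private, Public) should be enabled.
    foreach ($p in Get-NetFirewallProfile) {
        $on = "$($p.Enabled)" -eq 'True'
        [pscustomobject]@{
            Check  = "Firewall profile: $($p.Name)"
            Value  = if ($on) { 'Enabled' } else { 'Disabled' }
            Review = -not $on
        }
    }

    # 2. Each connected network has a category. 'Private' (Home/Work) relaxes
    #    the rules for file sharing and discovery, so it only belongs on a
    #    network you control. Flag it for a manual look.
    foreach ($c in Get-NetConnectionProfile) {
        [pscustomobject]@{
            Check  = "Network '$($c.Name)' on $($c.InterfaceAlias)"
            Value  = "$($c.NetworkCategory)"
            Review = "$($c.NetworkCategory)" -eq 'Private'
        }
    }
}

Get-FirewallAudit | Format-Table -AutoSize

# Remediation, run from an elevated prompt. 'Wi-Fi' is an example interface
# alias; use the alias reported by the audit above.
#   Set-NetFirewallProfile -Profile Domain,Private,Public -Enabled True
#   Set-NetConnectionProfile -InterfaceAlias 'Wi-Fi' -NetworkCategory Public
```

A `Review` value of `True` on a network line is not an error by itself; it means the network is treated as trusted, which is only correct at home or at work.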
Most web users have an outdated, insecure version of Java running. It’s therefore extremely easy for them to be infected by just visiting a web page. Java has seen a constant stream of massive security holes. The most tragic thing about the Java situation is that Java applets are so rare on the web these days that few people actually need Java installed.
If you have Java installed, visit your Control Panel and uninstall it. If you do actually need Java for something, you’ll be prompted to reinstall it — but you probably don’t.
If you do need Java installed — to play Minecraft, for example — you’ll want to disable the Java browser plug-in to protect yourself.
All the software we use every day is likely riddled with security issues. These security issues are constantly being found — whether we’re talking about Windows, Internet Explorer, Mozilla Firefox, Google Chrome, the Adobe Flash plugin, Adobe’s PDF Reader, Microsoft Office — the list goes on and on.
Software companies regularly release security patches for such software. However, the release notes for these patches may themselves give attackers information that helps them develop attacks on unpatched machines. It’s important to install such software updates as soon as possible after they’re available.
To do this, leave Windows Update set to automatically update — or at least set it to alert you to new updates and install them quickly. Internet Explorer, Mozilla Firefox, Google Chrome, Adobe Flash, and Adobe Reader all have automatic-update features — leave them enabled so you’ll always have the latest version without having to worry.
Browser plug-ins are a significant security issue. To be completely sure that you don’t have outdated browser plug-ins, visit Mozilla’s plug-in check website — yes, it works in other browsers and not just Firefox.
Be Careful About Programs You Download and Run
This one may seem obvious, but much of the malware Windows users encounter seems to be the result of accidentally downloading and installing bad software. Be careful about the programs you download and run. Only download and run trustworthy software. Get the software from its official website — if you want to download VLC, download it from VLC’s official website. Don’t click a “Download VLC” banner on another website and download it from someone else who may bundle malware or adware along with it.
The same goes for software that arrives via email attachments — don’t open executable email attachments.
And, when downloading software, be sure to watch out for advertisement banners disguised as “Download” links that will take you elsewhere and try to trick you into downloading possibly malicious software.
Be aware that there are many different types of “programs” — for example, screensavers in .SCR format are essentially just programs and could contain harmful malware. We’ve got a list of 50+ different types of file extensions that are potentially dangerous on Windows.
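To see which files in a Downloads folder are really programs, the following added example (not from the original article) lists them with their Authenticode signature status and flags names such as `movie.mp4.scr` that dress a program up as a media file. The function name `Get-RiskyDownload` is hypothetical, and both extension lists are small assumed samples, not the article’s list of 50+ types.

```powershell
# Added example. Extension lists are assumed samples, not a complete list.
$ExecutableExt = '.exe', '.scr', '.com', '.bat', '.cmd', '.pif', '.msi',
                 '.vbs', '.js', '.ps1', '.lnk'
# Harmless-looking extensions a disguised program may carry before its real one.
$DecoyExt = '.mp4', '.avi', '.mkv', '.mp3', '.pdf', '.jpg', '.docx'

function Get-RiskyDownload {
    param([string]$Path = (Join-Path $env:USERPROFILE 'Downloads'))

    Get-ChildItem -LiteralPath $Path -File -Recurse -ErrorAction SilentlyContinue |
        Where-Object { $ExecutableExt -contains $_.Extension.ToLowerInvariant() } |
        ForEach-Object {
            # For "movie.mp4.scr", BaseName is "movie.mp4", so this yields ".mp4".
            $inner = [System.IO.Path]::GetExtension($_.BaseName).ToLowerInvariant()

            # Mark of the Web: the Zone.Identifier stream that browsers and mail
            # clients attach to files that came from the internet.
            $motw = Get-Item -LiteralPath $_.FullName -Stream 'Zone.Identifier' `
                        -ErrorAction SilentlyContinue

            # Signature status: Valid, NotSigned, HashMismatch, and so on.
            # A valid signature identifies the publisher; it does not prove
            # that the program is harmless.
            $sig = Get-AuthenticodeSignature -LiteralPath $_.FullName `
                        -ErrorAction SilentlyContinue

            [pscustomobject]@{
                File         = $_.Name
                Disguised    = $DecoyExt -contains $inner
                FromInternet = [bool]$motw
                Signature    = "$($sig.Status)"
                Signer       = $sig.SignerCertificate.Subject
            }
        }
}

Get-RiskyDownload | Sort-Object Disguised -Descending | Format-Table -AutoSize
```

Rows with `Disguised` set to `True`, or with a `Signer` that does not match the publisher you expected, are the ones to check before running anything.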
When you acquire pirated or cracked software from peer-to-peer networks or shady websites, you’re taking a big risk. By running an .exe file from such locations, you’re trusting the distributor to not do anything harmful. Worse yet, the cracks you may need to run to make such software work properly are made by software-cracking groups. You can’t know if they’ve included malware or not.
Downloading pirated software and cracks is just a bad idea from a security standpoint. We’ve probably all seen people download files from peer-to-peer networks and become infected as a result.
Downloading unauthorized software is much riskier than pirating music or videos — software is machine code that can be tampered with. A video is just a media file that can play or not play — although untrustworthy individuals often try to disguise malicious programs as videos so less-experienced users will run them.
Beware Phishing and Social Engineering
Be very careful when disclosing personal information online. Ensure you disclose it only to legitimate individuals and websites. To access your bank’s website, go directly there — don’t click a link in an email that claims to be from your bank, but may actually direct you to an imposter site.
Don’t Reuse Passwords
Password re-use is a huge problem. If you use the same password everywhere, a leak at one website would mean that your username, password, and email address are known. Attackers could then try your password along with your username or email address on other websites, attempting to gain access to your accounts. They could even try the password and email combination to get into your email account — so if you use the same password on your email account, you’re in trouble.
Such password leaks are happening with alarming frequency. If you use a unique password everywhere, you wouldn’t have to worry if your passwords ever did end up leaked. For help using unique passwords, you may want to use a password manager that makes this easier on you.