Interface Blogs

Sometimes the need to defend our own data on the local PC that we use becomes extremely important and in some cases (sadly) even outweighs the security posture used by our company or the Internet connection that our company uses. What can be really unfortunate about this, is that companies, (sometimes) even big ones, make little to no effort to obtain the expertise and/or simply dont have the expertise, even sometimes "afraid" of security controls that they just dont understand, and therefore they hesitate to implement them to protect their assets. What one must realize is that a lack of a solid security posture is one of the few things (like the lack of a disaster recovery plan) that can put a company out of business literally overnight, or may at least lead to enough downtime to significatly impact their "familiar business process".  This has lead to unexpected downtime which has cost billions of dollars in lost revenue over the past 2 years (FBI Study). While all of this "lack of attention" to securing their business is happening, the attackers, whom will find the vulnerabilities that can cost a company its business are working non-stop (24/7/365) to exploit anyone's lack of attention to security detail. Many companies feel that if they have a Firewall, then they must be safe. HA! As reported by the CSI and FBI in 2008, 92% of the attacks that cost significant impact on businesses were executed through commercial firewalls because no other security control was ever put in place.

While many businesses think that their primary focus is on doing business, and yes, security does reduce convenience, as it has always been know to do, still with all of the education, many companies are still unwilling to implement controls that can actually protect them from being completely put out of business by a well manufacted attack. Complex, yet necessary security controls, like IPS, which no company should ever live without, or having a host-based protection program that can provide proactive protection on both servers and clients, well above and beyond what any anti-virus program can do (reactive) are absolute necessities.

Here's the saddest reality when it comes down to me and you, the user. The user PC is last on the list for protection in almost all scenarios. While your company may give you a license for an anti-virus program (which is a start) their attitude about the PC is that if it is attacked, we'll just blow it away, re-image it and start over. For any of you that actually have data on your PC that you need to use to do your job, this solution is completely unacceptable.

So this blog is for you...the user, to try and protect yourself and your PC, when your company is unprepared or possibly unwilling to do so. The following is a list of programs that you can run yourself, at very least, to help keep your PC protected and running, even while the walls may be crumbling around you.

1) Have a good Anti-virus program and update it at minimum once per day (can be done in the settings in most cases. SAV, NAV Trend Micro...they are all about the same...they do their job. If you want a free one that is just as good, use AVGFree. Here's a link:http://free.avg.com/download-avg-anti-virus-free-edition

2) Use your own firewall. The firewalls that come with XP, and Vista just aren't good enough. If you are using a MAC you are just as vulnerable as the rest, so dont think this doesn't apply to you. A firewall that I have found that works as effectively as some of the big, expensive firewall aplliances is Tiny Personal Firewall 6.5 or greater. It integrates into multiple layers of protection...well beyond ports, it even proviides IPS for the host. Here is a good link:  http://download.cnet.com/Tiny-Personal-Firewall/3000-10435_4-10266527.html

3) Use a program that can tell you if you are vulnerable in any way by checking your applications and making sure that they have zero known vulnerabilities, a personal vulnerability scanner so to speak. The best tool on the market (and an Award WINNER!) comes from one of the most respected names in the security community, Secunia. The tool (free) is called Secunia PSI and can be downloaded very easily and is very easy to use. It will scan all of your PC or MAC-based applications and tell you if you are using the versions that are clean, with no vulnerabilites and will provide links to get the acceptable versions as well. Here is a good link:  http://secunia.com/vulnerability_scanning/personal/

4) Use a program that protects the integrity of your system files and can protect against malware, trojans and worms that add or modify files on your system. The best tool for this is SpyBot Search and Destroy. There are a million spybot programs out there...most of them are themselves viruses, so make sure when you seach for this tool, that you include the "search and Destroy" portion in you search. Here is a good link:  http://download.cnet.com/Spybot-Search-amp-Destroy/3000-8022_4-10122137.html

5) Last but definetely not least - Backup your data to a reliable drive.  Make sure that if your comany wants to simply reimage your machine, that you can get your business data back.  I run 3 backups per week (full) to a removable 1 TB drive, and I run data backups on the fly everytime I change something major that I need to make sure I dont lose.  If you dont have a lot of data (less than 2GB) you might want to check out MOZI for some online backup.  http://mozy.com/  They will give you 2GB of backup just for signing up.

-Storm out