Working From Your Home Computer Safely: The Ten Commandments Stephen Jones, GSEC, A+ With special thanks to Balakrishnan Ramachandran
1. Thou Shall Update the Anti-Virus Software On Your Computer
Secures you from viruses, spam email attachments
Use McAfee – it’s free
Always update your virus definitions
Schedule a daily scan of your hard drive for viruses
Exegesis – 1 st Commandment
To install McAfee, go to http://www.umbc.edu/oit/downloads ; then scroll down to Antivirus. Pick the correct version for your operating system. You’ll need to log in to myUMBC, but then you can install the software.
To update McAfee, go to Start, Programs, Network Associates, Viruscan Console, double-click Autoupdate, and then click the update button. It automatically updates if you’re on the Internet at the time indicated; the time for the automatic update can be changed.
To run a scan, follow above steps to get to Viruscan Console, double-click Scan All Fixed Disks.
2. Thou shall patch your Windows operating system
Set your Windows XP/2000 for automatic updates (from Control Panel)
Updates run in the background without affecting your work
Periodically also check for updates for your Microsoft Office products
Exegesis – 2 nd Commandment
To configure automatic updates in XP, go to Start, Settings, Control Panel, Automatic Updates. Choose to automatically download and install updates and pick a time when you know the computer will be on the Internet.
In Windows 2000, follow the steps above to Automatic Updates. Then I recommend choosing to automatically download the updates and automatically install them at a time you know the computer will be on.
For Office updates, open an Office application, go to Help, Check for Updates. The updates occasionally require that you have the installation cds.
3. Thou shall use Administrator privileges rarely, but strong passwords always
Create separate accounts for the people using the computer and give them User level privileges only. That includes you. Rename the administrator account; don’t let anyone other than you use it, and even then only when software needs to be installed. Disable all system supplied accounts (e.g., Guest).
Strong passwords – minimum 9 characters, with alphas (upper and lower case), numerics _and_ special characters (e.g., asterisk).
Exegesis – 3 rd Commandment 1 st Rubric
Creating accounts: Log on as administrator. Then Start, settings, control panel, administrative tools, computer management, local users and groups, users. Then click on Action, New User, name the account. Click create and then close. The default privilege level is Users. Then right click on the account and assign a password.
Exegesis – 3 rd Commandment Rubric 2
Do you have other people using the computer who will balk at only having limited privileges?
If so, buy a computer for them and you use the safe one.
Can’t afford to buy another computer? Get your department to buy you one. (OIT is now discussing how to require departments to provide an OIT secured computer to persons working from home.)
Department won’t buy you a computer but other people at home will balk…. Then it’s safe to assume that your home computer will be hacked and you’ll lose everything on it. Ouch!
Rename the administrator account/disable all system supplied accounts/create a dummy administrator account
Follow the directions to get to Users in the 1 st Rubric. Right click on the administrator account and select rename. Give it an ordinary sounding name. This will slow down hackers.
Disable all other system supplied accounts (right click, properties, disable this account).
After renaming the Administrator account, create an account named Administrator. Right click, go to Properties, Member of, Add, Advanced, Find Now, click on Guests, then click ok twice, then highlight Users, then click Remove. Then give it a strong password. This will also slow down hackers.
4. Thou shall use a Firewall
Firewalls protect your PC from intrusions and hack attacks
Install Service Pack 2 for Windows XP which has a built-in firewall
You can also try Zone Alarm or McAfee Firewall to protect your computer, but this is recommended only if you have time to get them working
Check for constant updates
5. Thou shall install anti-spyware software
Spyware is software that sends personal data to the internet without your knowing it
You are normally unaware that it has been installed and that it is running
Update anti-spyware software and scan your computer daily
Exegesis – 5 th Commandment
Currently the best free anti-spyware package, and one of the best free or otherwise, is Ad-Aware.
6. Thou shall use a router if you using a high-speed (cable, DSL) Internet connection
Router is a device that allows you to connect more than 1 computer to your high speed Internet connection
Most router models act as a Firewall to your entire home network
It adds an extra layer of security to your software based firewall
Exegesis – 6 th Commandment
Routers are relatively inexpensive - <$100, frequently ~$50 with rebates
Linksys routers are fairly easy to set up
Best to connect to them with Ethernet cables and not use wireless
Want to use wireless? See 7 th Commandment
7. Thou shall not provide free wireless internet to thy neighbor
If you use the wireless function on a router, the signal can cover a large area, potentially extending 150 feet in all directions (whether or not there are walls).
Read the wireless router manual while setting it up and enforce some measure of security to access your Internet connection. Your neighbors/people driving by on the street can still see the network, but if you use the security provided, it will be very difficult for them to use your internet connection, or, even worse, eaves drop on your network traffic. Again, OUCH!
If the router offers it, the best method is to use a hardware based access control list.
8. Thou shall use a VPN whenever applicable
VPN is a virtual (i.e., software rather than hardware base), secure connection between your home computer and a server through the internet
VPN software needs to be installed and enabled at both ends
At UMBC, the main function using VPN connectivity are financially related, e.g., PeopleSoft.
9. Thou shall back up thy files and use good surge protectors/ uninterruptible power supply
CD/DVD recorders are now about $75. If you don’t have one, buy one and use it to back up files from your hard drive.
An old adage – when do floppy disks fail? When you need them.
At a minimum, get a surge protector that really works and isn’t just an extension cord (~$35). Better yet get a UPS (uninterruptible power supply), which is both a surge protector and a line conditioner (power sag/brown out protection). A typical home computer needs one that supplies 650-725VA (~$150-200).
http://www.apc.com is a good site.
10. Thou shall always use your computer intelligently
Don’t install software from unknown publishers or websites
Don’t give install rights to users who are not very savvy