Internet/Network Security/Wifi Security
QUESTION: I use a Toshiba laptop about 2 yrs old and I have windows 7 Home premium 32-bit. My security software is the AVG Free Addition. I also connect to the Internet via a Verizon Jet Pack. I'm the only person that uses it. and I use it mostly at home. Can you give me some pointers as to how I can make it. Secure?
ANSWER: Securing a system actually requires knowing the cost of realizing risk. I don't have information about you that I need to make a customized recommendation but here is what I tell others, and what I work from. (You've set a good starting point for yourself):
1. Stay current with security updates. (More on this point in the next paragraph).
2. Do not use any other Wifi connection except the Verizon Jet Pack, even if you can't use the Jet Pack. (This limits your exposure. While many 802.11 Access Points may be configured well, there are too many that aren't. Even major hotels make questionable decisions about their WiFi.)
3. Be certain remote access is disabled.
4. Be certain the account you use is not an "Administrator" account. (If its the only account you've created, it IS an Administrator account.) If you do not "browse the web" but stick with certain sites and you trust them, this is less important.
5. If you let someone else use it, create a non-Admin account for them to use and sign out completely first, before letting them log in.
6. Make certain your home network is hardended. Meaning, if you have an 802.11 wifi Access Point at home, use WPA2 encryption and don't broadcast the network name.
7. Periodically and at any time you suspect a problem, scan the machine using another AV package. Note that you'll likely need to install something to allow scans. Use Java rather than ActiveX objects. (Neither is perfect).
8. In general, avoid using anything that requires you to use activeX or Internet Explorer. (Germany just recommended users stop using IE just last year: http://www.reuters.com/article/2012/09/19/uk-microsoft-browser-idUSLNE88I01L2012
9. When a file looks fishy, upload it to https://www.virustotal.com/.
Microsoft does its security updates using interesting terms. Do not allow the update service to install things that are not security-related. This means you cannot use their automatic updates. By using Automatic updates you allow Microsoft to install new things. Each is a possible vector for infection. If you don't need it, don't install it. This means adding a procedure to what you do: Every Tuesday and Wednesday, you'll want to run the update service. (I suppose there ought to be a way to set the scheduler to do this for you. I've not looked into it yet.)
Hope this helps.
In some ways, securing a system always involves a degree of inconvenience. Eventually, we do adjust even to inconvenience.
---------- FOLLOW-UP ----------
QUESTION: How do I create a (non Administrator account)?
How do I determine if remote access is disabled?
Go to System Properties.
At the top you'll see 5 tabs: Computer Name, Hardware, Advanced, System Protection, Remote.
Make sure the box in "Remote Assistance" isn't checked.
Under "Remote Desktop" select "Don't allow connections to this computer".
If you think about sometime down the road, please let know how this is working for you.