General guidelines in minimizing risks
Even if not navigating the Internet, if your computer has an active Internet connection it is potentially vulnerable. The following are general minimizing risks guidelines:
Use and keep your security software (i.e. anti-virus program) up to date and turned on. Many users switch off their real-time protection to gain some speed, but safety should come before speed. We strongly recommend making sure that you use the latest version of the anti-virus software, and for that matter of any software that you are using on your computer. Newest versions come with improved and additional features to enhance software capability. Also make a habit of checking the capabilities of your anti-virus software by referring to AV-Comparatives tests and reviews and to the other tools available on the Internet (e.g. EICAR Test).
One defining factor for the protection capability of an anti-virus program is its continuously updated signature database. As new threats emerge, the program recognizes them and can protect against them. In order to do so, always keep the Automatic Updates of your anti-virus software turned on. AV-Comparatives comprehensive tests provide statistics and reports that help in choosing the anti-virus program to suit your needs.
Keep your firewall turned on
Software based firewalls are widely recommended for single computers, while hardware firewalls are typically provided with routers for networks. Some operating systems provide native software firewalls (such as Windows OS). For Microsoft Windows home users we recommend to use the firewall in its default settings.
Always perform the updates of your OS
If you use the Internet on your computer, then it is connected to the widest network there is – the World Wide Web. Since the WWW is a very dynamical space, operating systems permanently adapt to threats by releasing updates and patches that fix the eventual bugs, glitches or vulnerabilities that can prove to be exploited as security holes. Thus, it is very important to keep your OS up to date, as most new exploits are rendered inefficient by an updated system.
Keep third party applications (like e.g. Java, Adobe Reader, browsers, etc.) up to date
Third party applications are programs written to work within operating systems, but produced by individuals or companies other than the provider of the operating system. These can be browsers, e-mail clients, plugins (such as multimedia plugins for online streaming/gaming, or plugins for reading certain types of files). Since most of them are acting in the Internet environment, it is crucial that they always stay up to date and patched, because cyber-felons use vulnerabilities in older/unpatched versions to get the control of your system.
Backup your files and software
Backup is essential in case of data loss caused by malware attacks or malfunctions. Operating systems will attempt to recover system data through features such as System Recovery (Windows), but this procedure does not cover files or third party software. Therefore, we recommend using one or more of the following backup methods:
- Backup on a third party device such as mobile hard drive, CD, USB storage device, flash drive, etc. These should be precisely labeled as to contents and date, and stored securely. Three securely guarded generations of copies to the critical/important data (referred to as generational backup) are recommended: grandfather/father/son. You should take time to identify the important/critical data stored on your computer and proceed accordingly with the backup.
- Backup on a remote location, on a verified secure server. You can do this directly or via network.
You should perform backups regularly (at least every three months as a rule or with every change you made, for critical data). Take the time to test the restoring process from the back-up copy. Even though you spend some time doing this, remember the alternative of losing all your data. Additionally, consider using an imaging software to make regular backup images of your system.
Turn off your computer when not using it
With the spreading of high-speed Internet connections, people tend to spend more time online, even leave their computers or phones connected when they are not actually using them. The downside to this is that leaving the device always on makes them more susceptible to attacks. As a supplementary protection measure, turning the device off practically cuts the potential attackers off. Be it spyware or botnets that use your computer to reach other victims in the network, they cannot act without an active connection.
Act responsibly when disposing of your old computer
Getting a new, more powerful computer can easily make you forget about the old one. But before you dispose of the old computer you should keep in mind that you used it for a long time to store a lot of personal information. Should you give it away for recycling, donate it to charity organizations, or resell it to second-hand stores, first make sure that you save all the information that you need from the hard drive and store it on a secondary support (such as an USB drive, removable hard drive, Flash drive aso) and/or transfer it to the new computer.
Besides documents and files you still need, remember that the old hard drive also stores passwords, accounts data, address books, license keys for software programs, personal financial and medical information. Keep in mind that deleting the files or formatting the disk does not erase the actual data on the hard drive – it just removes the link to the bits and pieces of infomation scattered on the drive. These bits and pieces can still be reunited using various recovering tools, to rebuild the data and make it readable again. That is why it is very important to make sure you wipe clean the hard drive before disposing of it. Here are some recommendations of how to do this:
- Use a disk wipe utility – they are not expensive and some are even free. We suggest to choose a software that wipes and overwrites data many times – this method makes that data virtually impossible to recover. Overwriting destroys the data but allows the hard drive to be reused – and is currently the only known method in doing so.
- Degauss (demagnetize) the hard drive. If you cannot access the hard drive via the operating system, but know that critical/important/sensitive data is still stored on it, you should consider this method. Demagnetizing is a powerful data wipe method, and the quickest – but renders the disk unusable. Also, it is a comparatively expensive wiping method (a degauss tool costs several times more than a new hard drive) – but keep in mind that should your sensitive data get into the wrong hands that may cost you a lot more. If you decide not to use degaussing, you should consider the last resort of hard drive wiping.
- Phisically destroy the hard drive, ensuring it is rendered unusable. For enhanced security, try wiping the disk before destroying it, if possible.