The Security Dance

"Is your home PC secure?"

You may not even know how to answer this question, given all the different types of security threats that all internet-connected computers face these days. PC security is more than a state of mind -- it's doing everything you can to protect yourself from people who want to hijack your computer, damage your data, and steal your personal information.

There are three key pieces of security software you need to have on your home computer:

ANTIVIRUS

ANTISPYWARE

FIREWALL

You may own one piece of software that accomplishes all 3 functions such as Norton Internet Security. Regardless, take the time to examine the security software you have installed on your PC. You may be leaving a gaping hole open to cybercriminals.

Here are some common pitfalls for home users, as well as some easy solutions.

1. Having antivirus software with no antispyware, or vice versa.

Once upon a time, all home users needed was antivirus software to ensure security. That was 10 years ago. Today, viruses may be the least of our threats. Adware and spyware can cripple a PC's resources and gather personal information about users. Some antivirus software applications have antispyware capabilities (and vice versa), but even those applications fall short in spyware detection.

A firewall, on the other hand, will protect you from live threats. There are lots of automated systems out there "sniffing" around, pinging random web addresses looking for an open hole into someone's computer. An "intrusion" into your system might even originate from deliberate human hacking. You need a firewall to shield your system from this hailstorm of attacks. A good firewall will not only tighten up all open network ports on your PC against incoming riff-raff, but it will scrutinize all outbound network traffic as well. That way, if adware or spyware on your PC tries to send data to a host site, the firewall will block this activity.

Adware, spyware, viruses, trojan horses......so many terms. There is one word that encompasses them all: malware. The best way for home users to protect themselves from malware is to install dedicated antivirus and anti-spyware and firewall software.

2. Relying on Windows Firewall as your sole firewall.

Windows XP and Vista both come with a rudamentary firewall as part of the operating system. While well-intentioned and not harmful for most home users, the efficacy of Windows Firewall is lame at best.

The best practice is to keep Windows Firewall enabled on your PC but install an additional software or hardware firewall for your system.

3. Letting the subscription expire on your security software.

Sure, you've got McAfee Antivirus and Trend Micro Antispyware software installed on your PC. No worries, right? Well, have you checked to see if your subscription is still active? It's important to keep your security software updated with the most up-to-the-minute malware information. Once the subscription expires, your security software will continue to run, but it will fail to detect the latest threats.

Open up each of your security applications and verify the expiration dates. You might want to make a note to yourself (perhaps an Outlook calendar appointment?) to renew your security software subscriptions right before they expire.

4. Ignoring security software because you're broke.

Hey, I get it. Antivirus costs $30, antispyware costs $30, and the firewall software might not even be included.

While there are many excellent commercial applications available, you can actually get decent protection without spending a dime. Here are a number of absolutely-free security applications:

ANTIVIRUS

• AVG Anti-Virus Free Edition
• Avast Home Edition 4.7
• Avira AntiVir PersonalEdition Classic
• PC Tools AntiVirus Free Edition 4.0

ANTISPYWARE

• Ad-Aware 2007
• Microsoft Windows Defender
• SpyBot Search and Destroy 1.4
• Trend Micro HijackThis 2.0.2
• SpywareBlaster 3.5.1
• Spyware Terminator 2.1
• AVG Anti-Rootkit (for Windows XP only)

FIREWALL

• ZoneAlarm 7.0 (for Windows XP & Windows 2000)
• ZoneAlarm 7.1 (for Vista)
• Comodo Firewall Pro

Download and install any single application from each of the three categories if you don't have any protection. And don't be afraid to install more than one antispyware software at a time -- you can run multiple. Studies have shown that different antispyware applications catch different pieces of malware, so the more antispyware software you have installed, the greater your chances are complete protection.

5. Downloading from websites you haven't 100% verified.

You should know not to download anything from the internet unless you've verified the source. Even well-intentioned websites can carry infected software for download. Other websites are "spoofed", making you think that you're on a trusted site when in fact you're on an identical fake, feeding you malware and collecting your information.

Take the time to type in the exact address of the website you want up in the address bar of your internet browser. Sometimes simply doing a Google search for the website that you want yields spoof sites!

Also, avoid downloading and installing unnecessary software. But if you must, download it from a trusted, secure website such as http://www.download.com/ or http://www.pcworld.com/.

6. Using Internet Explorer, particularly versions 5 and 6.

Right, I know that the grand majority of internet users surf the web with some version of Microsoft's ubiquitous Internet Explorer. (Over 70% of you who visit my website use IE.) I'm not going to lie: I happen to be using it right now. There are websites that won't work correctly without it.

The problem is that all the criminal hackers in the world also know that 70% of you use IE. And that one fact makes IE a prime target for hacking.

Microsoft makes a decent attempt at trying to patch the security holes in IE, but the fact remains that a browser this popular is simply too big a target for hackers to find holes in. Although security patches come out on a regular basis from Microsoft (and you should always install them -- more on this below), they appear to be falling further and further behind in the cat-and-mouse game of browser security.

Fortunately, two of the best alternative browsers are free of charge: Mozilla's popular Firefox browser, and Opera Software's Opera Browser.

Why not give one of them a try? It only takes 5 minutes to download one of them, import all of your IE bookmarks into the new browser, and start surfing. You don't have to commit to using either of them permanently, and you can still run IE if you need to -- even simultaneously with Firefox or Opera. You may also notice a slight increase in browsing speed over IE, although I have not been able to verify this on either browser.

7. Not installing all the latest Windows Updates.

Microsoft Windows XP is still a work-in-progress, even as it approaches 7 years of age. (Windows Vista is more like a work-in-gestation!) It requires regular updates and patches from Microsoft to keep it as stable and secure as possible. Fortunately, Microsoft has automated this process for you. To ensure that you get regular updates, do the following:

- Right-click on My Computer and select Properties
- Select the Automatic Updates tab
- Ensure that the first option is selected: Automatic (recommended)
- Click OK

When new updates are automatically downloaded by your computer from the Microsoft website, a yellow shield will appear in the lower-right corner of your screen:

Click on it! A dialog box will then ask you if you want to install updates. Say yes! The updates will begin to install themselves. You may be required to restart your computer at the end of this process.

You can also manually verify that your computer is completely up to date:

- Go to the Start and select All Programs
- Select either Microsoft Update or Windows Update

An IE window will pop up that will take you to a special Microsoft website that checks your PC for installed updates. Follow the on-screen instructions to determine if your PC needs additional Windows updates.

For SysAds: Symantec Enterprise Vault

Recently, I was charged with leading the rollout of Symantec's Enterprise Vault to all 4,210 Outlook users in my organization. One of the first things I noticed when taking on the project is that there doesn't seem to be a simple "how-to" guide for Enterprise Vault users. (At least not one I could find after spending some effort searching the internet.)

So I wrote one from scratch. Here it is, for those of you who may be looking to roll out this system to your company or organization...

~~~~~

In the next few days, we will be rolling out Enterprise Vault, a system that will give you a large additional space (an archive) for storing email. You will need to actively maintain this storage space (the "vault") to ensure that you do not exceed the 450 MB limit. Be aware -- it's easier to reach your limit than you think!

Enterprise Vault works automatically, but there are seven important things you need to know about the changes it will make to Microsoft Outlook on your PC:

1.
All emails that are more than 2 weeks old are automatically archived into the vault. You will still see the emails in your inbox list, but the icon will look different:

2.
If you select one of these archived messages, you'll notice that the message preview in the Preview Pane will be limited to the first 500 characters of text, with no attachments:

Also note the text in the blue box stating "This message has been archived."

3.
If you want to access the entire message and its attachments, simply double-click on the message. You will need to wait several seconds for the message to load from the Enterprise Vault archive.

If you need to open this message frequently, you can move the message permanently out of the vault back into your inbox. Simply highlight the message in your inbox and select the "Restore from Vault" button in your Outlook Toolbar:

Then a dialog box will pop up....just click the OK button:

Enterprise Vault will begin restoring the message from the vault, and the message icon will change back to normal when restoring is complete. This should only take a few moments.

4.
If you wish to delete a message that has been archived, a box will pop up when you delete it:

Click the Yes button and Enterprise Vault will delete the message from the archive.

5.
You can store any message you want into the vault. Simply highlight the message and click the Store in Vault button on your Outlook Toolbar:

Consider using Enterprise Vault instead of your Personal Folders to store your messages! Unlike Personal Folders, Enterprise Vault uses Outlook Web Access, gets backed up frequently, and is far more crash-proof and corruption-proof.

6.
Your vault is completely searchable. Click on the Search Vaults button:

Outlook will then give you a place to enter the text you wish to search for.

7.
Enterprise Vault works the same way as above when you are checking your email at home or on the road using Outlook Web Access. The buttons, icons, and functionality are all the same, except when you want to Search Vaults, click the Search Vaults button on the bottom-left of your internet window:

Coming Up With a Password

Here's the scenario: your workplace, online bank, and credit card company all require you to come up with a "strong password". Your workplace in particular requires you to change this password every 90 days for maximum security.

The requirement? The password must contain both capital and lowercase letters. And numerals. And symbols! And it can't contain any common "dictionary" words!! You find yourself sitting in front of the "Change Password" dialog box for 30, maybe 40 minutes trying to come up with a password that the system will accept as "strong".

Finally, you give up. "I'll just use a bunch of random letters, numbers, and characters," you say. Except that the next day when you try to log in, you can't remember your cryptic password, which was "5Hg&T#f90p@!1". And then again a week later you forget. And then again a week after that you forget, and your IT guy is about ready to strangle you.

There are easier ways to meet the criteria for a strong password. Here are some ideas that you can use to come up with unique, strong passwords that you can remember. You'll note that there is a common theme among all the ideas: the key is to come up with something familiar that contains both letters and numbers!

1. How about a song that contains both letters and numbers? Perhaps you're a big fan of 'hair bands', particularly Poison, and "7 Days Over You" is one of your favorite album tracks. Simply run the words together (keeping the capitalization) and put a character at the beginning or end of it:

• #7DaysOverYou


• 7DaysOverYou$


• *7DaysOverYou

2. How about a town and zip code that you once lived in, or of a relative or friend? The benefit here is that most city/town names aren't common dictionary words, so they usually meet the strictest password criterias. Here are a few examples:

• @SedonaAZ86339


• TacomaWA98402%


• Krumsville,PA19534

3. Maybe there's a car you once drove? Or one you dream of owning?

• 1971PlymouthCuda!


• 91PontiacTransSport&


• (88HondaCivicCRX)

4. On extremely tightened-down systems, the above suggested passwords still aren't strong enough. Something you can do to make these passwords even stronger is substitute numerals and symbols for similar-looking letters. By doing so, you can take even a fairly weak password like "Carrots" and turn it into a strong password like "C@rr0+$". Here are some classic numeral and symbol substitutions:

The key is to make a password that you can remember. If you use your first car as a password and the password expires, move on to the second car that you owned, then the third. That way, if you forget the following day that you changed your password, it will only take you one or two more attempts to remember what your new password is. (Most systems only allow 3 attempts before your account is locked up, so this is important.)

If you use ideas like the ones above, you can easily create strong passwords that you won't have to tape to the underside of your keyboard!

For SysAds: Removing "XPS Document Writer"

Last year, I wrote a Tech Tip explaining how to remove Microsoft Office Document Image Writer. (You can read that Tech Tip by clicking here.)

Since then, I've discovered that it may be best to also remove the Document Image Writer's equally-annoying younger brother: Microsoft XPS Document Writer.

XPS (XML Paper Specification) is Microsoft's latest alternative to PDF. Your organization may or may not be using it, so the first thing to do is find out if your users are. The odds are that they aren't: like it or not, PDF is here to stay for a while. Microsoft often tries to create alternate formats in an effort to increase market share (see: WMA audio files and WMV video files), but these proprietary formats are not always successful.

If none of your users create XPS files or use the XPS Document Writer, then you may want to consider removing Microsoft XPS Document Writer from all user profiles. It tends to cause the same issues as "Image Writer" when a user doesn't have any printers set up or has the wrong printer set as the default. (See my previous article linked above.)

To remove all XPS Document Image Writers from all user profiles at logon, simply add these 3 lines of code to your user login script (or create one for this if one doesn't exist):

c:

cd \windows\system32\

cscript prnmngr.vbs -d -p "Microsoft XPS Document
Writer"

You can delete or "rem out" this line of script once it's been run by all your users.