This is a guest post by Fergal Glynn. Fergal is the Director of Product Marketing at Veracode, an application security company that improves Internet security.
PC users commonly, and unwittingly, place their computers and personal security at risk. Here are ten common PC risks and how to avoid them.
- Using easy-to-guess passwords and easy-to-guess answers to security questions. In all fairness, it’s impossible for any average person without a photographic memory to remember the dozens of unique usernames and passwords we retain to access credit card accounts, bank accounts, social networks, membership sites and more. One obvious risk that most PC users tend to overlook is that any savvy hacker can easily bypass your password by answering security questions, such as the name of the street you grew up on, your mother’s maiden name and similar questions. Not so easy to guess, you say? A visit to a public profile on a social network could provide easy access to these answers, or at least clues.
- Turning off automatic Windows updates. Automatic updates can be annoying. Some users elect to turn off Windows’ automatic update programming and manually review and select uploads periodically. Updates are often important for patching known security risks in software, so not installing updates when they’re available can mean you’re leaving your PC at risk of attack.
- Expired virus protection software. I’m sure we’ve all had this happen: We start getting notifications from our anti-virus software letting us know it’s time to renew our subscription. We all lead busy lives, and it’s not uncommon for users to put off updating these subscriptions until later, leaving the PC at risk for common malware and Trojans it may have otherwise been protected from.
- Working on unsecured networks. Users utilizing a wireless home network should secure it with a strong password. An unsecured network allows unauthorized users to access your wireless network, potentially opening the door for other attacks.
- Posting personal information on social networks. Social network users should avoid posting personal information, especially information that could be used as an answer to a common security question, such as a mother’s maiden name or pet’s name. Many social networks offer privacy options; users should select the highest-level privacy settings possible (reducing the total number of people with easy access to information).
- Opening unfamiliar emails or links. PC users should avoid opening any email coming from an unidentified source. Even if an email comes from a personal contact, any suspicious links should be avoided and the attached emails deleted unless confirmation can be obtained verifying the legitimacy of a message or link.
- Installing multiple “freeware” programs. We all love free stuff, especially free computer programs that would ordinarily cost us hundreds or thousands of dollars. If we can get a free program that does the same thing, that’s got to be better, right? Not necessarily. Too many freeware programs can slow down a PC. Further, users must check the validity of any freeware program before installation: Is it coming from a reputable source? What do other users have to say? In some cases, these programs also install spyware on your PC, which is how the programmers make money.
- Allowing the autorun feature to boot several programs every time you start your machine. Really. Take a moment and make a list of the programs you use immediately, without fail, every time you boot your PC. There aren’t many, are there? It’s not necessary to allow programs to automatically run every time you start your machine; in fact, it can slow down your boot time considerably. If you’re using autorun with those freeware programs addressed in #7, you could be opening a see-through window for hackers every time you turn on your computer.
- Failing to back up important files. While this point won’t put you at increased risk for attacks, it will put you at risk for losing your data—and your mind—should you happen upon a virus with the capability to wipe out your hard drive. An external hard drive has tons of storage, they’re not that expensive, and you’ll never regret the investment if you ever have this happen to you.
- Plugging your PC directly into a wall outlet, and failing to unplug during an electrical storm. Your PC should be plugged into an adequate surge protector, along with any relevant components, such as a printer/scanner/fax combo. This won’t leave you more vulnerable to hackers, but it does allow plenty of opportunity for a single bolt of lightning to wipe out your machine—and your hard drive, with all that data you hopefully have backed up in a secure location.
So, there’s plenty of “risky” behaviour that could have an adverse effect on your computer. What do you think of the items listed here? Are there any that you do yourself? Or is there something else you think should be on the list? Tell us your thoughts in the comments.