I’d like to start this off by saying if you want better security…

…switch to a good BSD or Linux distribution!

What follows is an email that I typed up to someone who was being aggressively sold anti virus software by a PC security vendor. It was not intended to be 100% technically complete, but rather just an overview and recommendations for that specific person.

Your mileage may vary.

Hello,

There are only a couple ways of getting a virus:

• Your computer has a security hole, and you visit a malicious web site.
• Your computer has a security hole, and another computer “pushes” a virus into your computer (other computers in the same office).
• Your email client has a security hole and you read a malicious email.
• You open a malicious attachment
• You download stuff or install stuff that other people gave you.

The last two are bold, because they are the most common.  And the most easy to avoid.

Here is how to not get viruses:

1. I DO NOT open attachments from people unless I know WHAT THEY ARE and WHY IT WAS SENT to me.
2. I DO NOT download stuff from the internet, except from the most reputable sites (Microsoft, Google, Sun, etc…)
3. I KEEP my computers up to date all the time by running windows update.
4. I DO NOT browse the internet using Internet Explorer.   I only use it for specific sites that require it.

What if you get one anyway, through something that is beyond your control?

The thing to remember here is that computers can DIE AT ANY TIME WITHOUT NOTICE.  They are fragile machines that have 1,000,000 things that can go wrong.  If you are keeping data on your PC and planning on it being there tomorrow, you will eventually be in for a nasty surprise.

Your computer will stop working at some point due to (a) malfunction, (b) virus, (c) hardware failure, (d) software failure.

So what is the answer?  Backup, backup, backup…

—
To illustrate…  I could lose any of my computers right now, and not be much more than inconvenienced.  In fact, I just erased my whole PC at home and had 100% confidence that I could put everything back.

That is the attitude that NEEDS to be taken — PC’s are totally unreliable.  Keep anything of any value always backed up.

How do you keep it backed up?

I did a good bit of research on that.  Here is what my circumstance looks like:

—
At work, we keep everything on the server.  And we backup the server every day.  However, this is impractical for some users who just naturally use “My Documents” and forget to use the server drive.

—
At home, I use http://sugarsync.com.  That is a great service that ALWAYS keeps your computers backed up ALL the time.  You just tell it what to keep track of, and it notices any time there is a change and backs it up.  I think this is an excellent solution (it starts at $5.00 / month for 30 GB or $10.00 / month for 60 GB).

I recommend that you guys take a look at sugar sync.  It’s a snap to use, and gives you the confidence that your PC’s are unreliable, but you are covered.  It also keeps the latest 5 versions of each file, incase you need to look back at a previous version.  I did a lot of research before picking one that I was confident in.

Actually, my laptop just died.  Really — it won’t turn on.  I cannot get into it to do anything at all.  But everything I had on it is at my fingertips.  I can pull it down to my PC and keep moving.

But what about viruses, etc…?

Well, users are not always the most thoughtful about what files they download, or install, or interact with.  So it is an advisable idea to run a good UP TO DATE anti virus solution.

I use Norton on some computers (notably, not on any of my PC’s for years, and never had a virus on any of those computers).  But I do prefer to have it on most computers just because it does scan incoming files, and tells you if you were infected.

However, the anti virus software MUST be kept up to date.

Anti virus won’t do any good if Windows has a security hole.  Windows update is not optional, it is a MUST.

Lastly, DO NOT use internet explorer for browsing the internet.  Use Fire Fox.  Sometimes you need to use IE for a conference call, or to check compatibility, but it has far fewer and less severe security holes than IE.

In Summary:

1. Keep your computer updated via windows update (automatic).
2. Keep your computer backed up (via sugar sync (automatic).
3. Keep your browser secure and updated (firefox, automatic)
4. Don’t download anything except the most reputable software
5. Don’t install anything from anyone — directly download it if you need it
6. Don’t open attachments unless you know WHAT they are and WHY you have them.
7. Run a good up to date anti virus package (norton, automatic updates)

Did I mention keep your computer backed up?  https://www.sugarsync.com/