While default security configurations for many products have improved greatly over the years, some options and settings favor ease of use over security, exposing vulnerabilites that can be used to compromise a system. Also, configurations appropriate for home users on private networks may not offer enough protection for systems handling information on the campus network.
Many computer compromises can be prevented by following a few simple steps:
- Update your Operating System and Computer Software
Most security issues are related to vulnerabilities in the operating system and other software installed on the computer. As these flaws are discovered, software companies release patches to fix the security holes, so you need to constantly be checking for new updates to stay secure.
- Use Strong Passwords
Besides vulnerable software, another entry point for attackers is via a login to the computer. If you have not set strong passwords, or left them blank or the default value, this makes your computer vulnerable to various types of attacks, including "dictionary attacks" which is a rapid, automated guessing of common passwords, that leads to computer compromise.
- Install and Update Anti-Virus Software
One of the largest risks to a network is an infected or compromised computer. An infected computer can be used to compromise other computers on the same network. Anti-virus/Anti-malware software is another critical layer of defense to limit what an attacker can do once a computer is compromised.
- Enable Firewall Protection
Firewall software can help protect your computer from remote hackers and security attacks. Severe attacks can delete important information, crash your system, or steal private information like passwords or credit card numbers. Most modern operating systems come with the firewalls enabled.
- Encrypt Sensitive Data
An attacker getting access to sensitive data is one of the biggest risks. Sensitive data should be eliminated where possible from all computers, however, if it absolutely must be stored then it must be encrypted. Encryption of sensitive data with a strong password key prevents an attacker from reading its contents if the computer is compromised. For mobile devices, it is recommended to encrypt the entire device if possible.
Learn more: Secure Your Computer