Policy & Security: How to Secure Your Home Computing Environment in Ten Easy Steps

When most people think about computer security, they think of their work computing environment. IT departments exist to secure and protect computers, servers and the data they contain. However, recent statistics show that 30% of home computers have been infected or compromised. Given that most people don’t have access to professional IT services for their home network; it’s up to home computer owners to take a few steps to secure their home network.

  1. Use modern operating systems and computer hardware.
    While Windows XP and Mac OS X 10.5/10.6 remain very popular operating systems for home users, time is running out in terms of support from Microsoft and Apple. One of the most important things a home computer user can do is to routinely update the operating system of their computers via Microsoft Updates or Apple Software Update. However, Windows XP will not continue to be updated by Microsoft after July, 2014 and support for Mac OS X 10.5 and 10.6 has already been ended by Apple or will be ending soon. Take advantage of employee discounts offered to UCSF employees and buy newer computers or update your existing computers to newer operating systems such as Windows 7 or Mac OS X 10.7.
  2. Install and maintain anti-virus/anti-malware software.
    All computers, Windows or Mac OS X, should have commercial anti-virus/anti-malware software installed. One of the biggest misconceptions about Mac OS X systems is that they are impervious to viruses or malware. Nothing can be further from the truth because the growing market share of Apple computers has attracted the attention of cybercriminals. Microsoft offers a free product called Microsoft Security Essentials and Sophos offers a free version of their Sophos Anti-Virus product. Better yet, UCSF offers a comprehensive anti-virus/anti-malware product called Symantec Endpoint Protection to all UCSF employees for use on their Windows and Mac OS X home computers.
  3. Restrict the use of administrator accounts
    Everyone loves to be in complete control, its only human nature to feel that way. However, the reality is that most people really don’t need to have administrative permissions to use a computer. Do your children really need to have the ability to install and modify the configuration of your home computer? Viruses and malware are often engineered to take advantage of login accounts that have full control of a computer operating system.
  4. Use strong passwords
    One of the easiest ways that cybercriminals take control of email accounts is the use of weak passwords by the account holder. Generally speaking, passwords should be six or more characters with a mix of upper and lower case, at least one numeral and at least one non-alphanumeric character. In addition don’t use easily guessed passwords such as information easily gleaned from all the social media sites where this type of data is typically shared. Some thing you can remember and something no one can guess is the best rule of thumb for password policies.
  5. Use a modern web browser
    One of the easiest ways to compromise a computer is through a web browser. The best way to deal with this threat is to use an up to date web browser such as Microsoft Internet Explorer 8/9, Apple Safari 5/6, Mozilla Firefox or Google Chrome. Not only will modern web browsers provide you with an up to date web browsing experience but they’ll do a better job of protecting you and your computer from viruses and malware. Check our recent article on Google Chrome for more information.
  6. Use up to date application software
    Another gateway for viruses and malware are out of date applications such as Microsoft Office and Adobe Reader. Virus and malware authors know that most computers have some form of these applications installed on them. Keep your software up to date by making sure that auto-updating is enabled. Avoid using older versions of Office and Reader because they don’t have the ability to block infected files. Adobe Reader is a free download and it can update itself automatically. Microsoft Office can also update itself but is a pay for product that UCSF employees can obtain at a discounted price.
  7. Encrypt the hard drive of your laptop computer
    One of the easiest ways to expose your personal data is to have your laptop lost or stolen. All of your personal data on an unencrypted laptop could be easily accessed by whoever finds or steals it. Data on an encrypted laptop would not be accessible to unauthorized people. Yet another perk of working at UCSF is the free availability of PGP whole disk encryption software.
  8. Secure your home wireless router
    Many home networks use wireless routers because they allow us to easily connect to the internet without the need of Ethernet cables. However, many people don’t take any steps to secure their wireless network. As a result you might have complete strangers access your internal home network without your knowledge or permission. Check with the technical support web site of your wireless router. The best ways to do this:

    • A. Turn on WPA2 encryption instead of WEP encryption
    • B. Change the default SSID (network name) to something more unique
    • C. Change the default password for the administrative access of your router
  9. Use an alternate DNS provider
    DNS (Domain Name System) is the naming method by which computers locate other computers by using their IP addresses. All networked computers use IP addresses, IP addresses are numerical values that assigned to them by ISP’s (internet service providers) such as ATT and Comcast. When you type in www.yahoo.com in your web browser, your computer asks a DNS server what is the IP address of www.yahoo.com and is told that is it 72.30.38.140. Sometimes this process can be corrupted by cybercriminals in an effort to redirect you towards web sites set up to compromise your computer. This is where use of OpenDNS can be useful. It’s a free service that is more resilient than the DNS services offered by ISP’s. In addition you can use OpenDNS to prevent your home computers from accessing websites that host inappropriate content.
  10. Use with caution
    All the technology and security measures in the world can’t protect you if you’re not exercising some caution when using a computer on the internet. A few good tips:
    1. Try to avoid visiting unknown websites and don’t click on popup windows that you were not expecting.
    2. Use caution with your personal information
    3. Do not share passwords, user names, account IDs or PINs with anyone
    4. Do not leave mobile phones or other personal electronics such as a laptop or smartphones unattended
    5. Never open messages or attachments from someone you don’t know.
    6. Set appropriate privacy settings on social networking sites

These ten steps are far from a complete list but rather a collection of well-known best practices. There are plenty of additional resources available on the internet. Note that this article makes no mention of Microsoft Windows 8 or Apple Mac OS X 10.8 because support for UCSF supplied software for these operating systems does not exist at the time this article was written.

↑ back to top ↑



Resources: