«
»

You just bought a new PC and plugged it into the Internet. It’s safe – there hasn’t been time for it to get infected yet, right?

Unfortunately, wrong. The average PC gets attacked within 11 seconds of being connected to the Internet. And while we’d like to think that a new box comes with all the necessary protections turned on, too often that’s not the case. Even if they have all the right basic software, they’ll need dozens of patches right off the bat.

Bill Brenner of CSO Online recently wrote a great column on protecting a new PC. Here’s my take on the recommendations. Note: Some of these are steps you should take before you connect the computer to the internet. It’s tempting to just plug in and start playing but your work at the start will save countless hours of cleanup later.

  1. Set up user accounts. Even if you are the only person who will use the computer, set up a password-protected account for yourself. This will limit the damage in the event that the account is ever compromised.
  2. Uninstall all the junk you don’t need. Modern computers come loaded with all kinds of gadgets, samples and options – most of it you will never use and certainly didn’t order. It’s tempting to keep some of it because, hey, who knows what might come in useful someday. All that ‘bloatware’ carries risk (unpatched holes and vulnerabilities in the software) and adds complexity. If you don’t have an active need for the program, get rid of it. You can always add it back later.
    When you first turn on the computer (still not plugged into the internet), open Control Panel/Add and Remove Programs. Uninstall all the junk you didn’t order. In particular, get rid of every piece of trial software except your trial anti-virus. All the remote help, AOL interfaces, games and even MS Office have to go.
  3. Turn on the trial anti-virus. This should be on by default but you want to make very sure. Once you’ve double-checked, it’s time to connect to the internet. Once online, the very first thing you need to do is update the anti-virus definitions. The second thing you need to do is replace the trial version of your anti-virus program with a permanent one. You can subscribe to the same service that came with the box or replace it with a new one but either way, make very sure that you have anti-virus locked and loaded for more than the 30-day trial period. You’d be amazed how many people put this step off and end up without any protection at all on day 31. Do it now while it’s still fresh in your mind.
  4. Replace your browser. Some people disagree with this step now but I still think Microsoft has a long way to go before they are really secure. Mozilla’s free Firefox browser has, in my opinion, better built-in security. It also has far better options to enhance security through free add-ons. I strongly recommend immediately activating NoScript and AdBlock Plus.
    NoScript disables all java-script on webpages that you visit unless you explicitly allow the script to work. It kills most pop-ups and blocks most cross-site scripting attacks. You have the option to whitelist any page that you trust (like your bank) by right-clicking the security icon on the bottom right of the browser window.
    AdBlock uses a blacklist to block known ads from displaying on your webpage. It also blocks lots of cookies and other intrusive software.
  5. Replace MS Office. Again, I wish I could say that Microsoft did security better. And the truth is that they’re not all that bad but they are the big target and every hacker in the world tries to exploit their holes. Not as many people are attacking other software. Sun Microsystem’s OpenOffice is a free alternative with fewer reported exploits. It doesn’t quite look or feel the same as the MS Office suite but it’s close and it’s highly compatible.
  6. Patch all your software. This is almost impossible to do without help. I’m still quite happy with Secunia PSI’s patch management program. Once you install the program, let it run, then follow the instructions to bring your other software up-to-date.

That should get you a good start toward security for your new PC. Enjoy.

This entry was posted by Mike Rossander on 2009 July 6 at 13:20 under Home Computer. You can leave a response, or trackback from your own site. Follow any responses to this entry through the RSS 2.0 feed.

Leave a Reply