Sure, it’s important to use antimalware protection. Same thing goes for firewalls, VPNs, spam filtering, and all the other elements of maintaining system security. But the real issue has always been, is now, and will always be the PBK. That is, the “Person Behind the Keyboard” who drives the system wherever it goes. My good friend and long-time co-author Stu Sjouwerman at KnowBe4.com likes to say that it comes down to security awareness. People (and employees) who understand security risks are less likely to take them, and far less likely to suffer as a consequence.
Be careful about who and what gets past security on your devices, Windows or otherwise.
[Image credit: Pexels 39584]
Above All, Practice Safe Computing
What does this mean for the people who use Windows? Safe computing, in a nutshell, means understanding that anything allowed to take up residence on your computer brings some degree of risk along with it. So here’s what that means in terms of an easy-to-remember (and practice) list of things to avoid:
1. Never open attachments in email you aren’t expecting, especially from somebody you don’t know. Even if you do know them, it’s safer to send an email to Mr. X and ask him if he sent you an email with some invoices attached to it, rather than blithely assuming that because the email SAYS it’s from Mr. X, those attachments must be OK. Targeted phishing is on the rise, and says otherwise.
2. Don’t download from unsafe or suspect sites. If you need a driver, get it from Microsoft or the manufacturer. If you MUST get it elsewhere, run it through VirusTotal before you unzip, unpack, or even think about executing it.
3. Stay away from BitTorrent, Warez and other unsafe sites. If you absolutely must go to such unsavory online destinations, do so inside a VM that you can abandon at a moment’s notice. Don’t risk your production or must-have systems by doing dumb things inside them. If you must be stupid, be smart about it! 😉
4. Make sure you run some kind of anti-malware protection on all of your PCs and Internet-attached devices. Over the years, I’ve learned that Defender and Windows Firewall are perfectly OK, if you practice safe computing.
5. Keep your systems patched, and your anti-malware software up-to-date. There’s enough potential trouble of the unknown variety lurking out there without leaving the door open for known (and fixable) sources of trouble, too.
6. MIT is a pretty good school. They have a pretty good list of Top Ten Safe Computing Tips you should read. Check it out. Better yet, follow its advice and admonitions.
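For item 2, here is one way to check a download before unpacking or running it. This PowerShell script is an added example, not something from the original post; the script name Check-Download.ps1 and the VT_API_KEY environment variable are assumptions, and the lookup uses the VirusTotal v3 file report endpoint.

```powershell
# Check-Download.ps1 (hypothetical name): pre-open checks for a downloaded file.
# Usage: .\Check-Download.ps1 -Path .\driver-package.zip
param(
    [Parameter(Mandatory)] [string] $Path,
    [string] $ApiKey = $env:VT_API_KEY   # assumption: your VirusTotal API key lives here
)

$file = Get-Item -LiteralPath $Path

# 1. Hash the file exactly as downloaded; nothing is unpacked or executed.
$sha256 = (Get-FileHash -LiteralPath $file.FullName -Algorithm SHA256).Hash.ToLower()

# 2. Mark of the Web: the zone and source URL Windows recorded at download time (NTFS only).
$motw = Get-Content -LiteralPath $file.FullName -Stream Zone.Identifier -ErrorAction SilentlyContinue

# 3. Authenticode signature; only meaningful for signable types (.exe, .dll, .sys, .msi, .cat, .ps1).
$sig = Get-AuthenticodeSignature -LiteralPath $file.FullName

# 4. Look up the hash on VirusTotal. Only the hash leaves the machine, not the file.
$vt = 'not checked (no API key supplied)'
if ($ApiKey) {
    try {
        $report = Invoke-RestMethod -Uri "https://www.virustotal.com/api/v3/files/$sha256" `
                                    -Headers @{ 'x-apikey' = $ApiKey }
        $stats  = $report.data.attributes.last_analysis_stats
        $vt = "malicious=$($stats.malicious) suspicious=$($stats.suspicious) " +
              "harmless=$($stats.harmless) undetected=$($stats.undetected)"
    } catch {
        # 404 means VirusTotal has never seen this hash. That is "unknown", not "safe".
        if ([int]$_.Exception.Response.StatusCode -eq 404) { $vt = 'unknown to VirusTotal' }
        else { $vt = "lookup failed: $($_.Exception.Message)" }
    }
}

[pscustomobject]@{
    File        = $file.FullName
    SHA256      = $sha256
    MarkOfWeb   = if ($motw) { $motw -join '; ' } else { 'none recorded' }
    Signature   = $sig.Status
    Signer      = if ($sig.SignerCertificate) { $sig.SignerCertificate.Subject } else { 'n/a' }
    VirusTotal  = $vt
} | Format-List
```

A clean result lowers the risk but does not remove it: a driver or installer that is unsigned, or that VirusTotal has never seen, still deserves the "when in doubt, don’t" treatment.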
Think Before You Click
The single most useful thing you can do to help yourself out, security-wise (or, for most readers here, to teach your users) is to “Think before you click!” Is what you’re clicking guaranteed to be safe? If not, let your security software check it over (or use VirusTotal). Make doubly-darned sure before opening up your system (and possibly your personal information, bank account, tax return, and so forth) to attack, theft, or misuse by others. When in doubt, don’t do it! That’s a great rule to remember and follow, and to pass along to others. It will also spare you untold amounts of pain and woe.
Be safe. It’s the smart thing to do, and the smart thing to teach.
Author: Ed Tittel
Ed Tittel is a 30-plus-year computer industry veteran. He’s a Princeton and multiple University of Texas graduate who’s worked in IT since 1981 when he started his first programming job. Over the past three decades he’s also worked as a manager, technical evangelist, consultant, trainer, and an expert witness. See his professional bio for all the details.