(Approx. 1,113 words)

 

New Year’s Resolutions for Safe Computing

By Ira Wilsker, APCUG Director; columnist, The Examiner, Beaumont, TX; radio & TV show host

iwilsker(at)apcug.net

 

WEBSITES:

http://www.ntius.com   -   Shadow Backup

http://www.getfirefox.com  -  Firefox 2

http://www.microsoft.com/windows/ie   - Internet Explorer 7

http://www.trendmicro.com – Internet Security Suite 2007

http://www.snopes.com  - Snopes Hoaxes and Urban Legends

 

It is that time of year that we all make New Year’s resolutions.  Most of us have resolved to lose weight, stop smoking, or perform some other beneficial act.  One resolution that we all should make is to practice safe computing.

 

Despite exhortations in this column for several years, as well as pleading on my weekly radio show, it is still abundantly clear that many of you still need some encouragement to practice safe computing.  In no special order, here are some safe computing resolutions that we should all follow:

 

Backup Backup Backup.  These are the three most important words in computing.  I still receive many calls for help from readers and listeners who have had a hard drive fail, resulting in the loss of critical data files.  Remember that Murphy’s first law of computing is, “A properly backed up hard drive will never fail; but the first time you do not have a current backup, the hard drive will always fail at the most inopportune time.”  Think about the critical data files that you have on your hard drive right now; family photos, tax records, spreadsheets, databases, important letters, and other important data.  While the loss of a hard drive may be tragic, it may also be no more harrowing than a minor inconvenience if that hard drive is properly backed up.  There are several software products that automate the backup process almost invisibly, and with minimal intervention.  Personally, I have NTI’s Shadow (www.ntius.com) running on a full time basis performing a real time backup to an external USB hard drive.  If my hard drive were to unexpectedly fail, or if I even had to purchase a new computer, I could quickly be back up and operating with no loss of critical data files.  In the event of a disaster, such as Hurricane Rita, the external hard drive loaded with data, or some other media (CDs and DVDs are also commonly used for backup), could be quickly and easily packed for evacuation or relocation, allowing for quick recovery or operations from an alternative location.  There are other methods of backup, including automated remote backup to a distant location via a broadband connection.  Whatever method and media of backup is selected, just do it, and do it constantly.  Remember the cliché that it is better to have it and not need it, then to need it and not have it.

 

Phishing, spyware, and other forms of malware may have become a greater threat to our safe computing than the traditional virus attacks.  Identity theft is rampant, and unsafe computing is a major contributor to identity theft.  Phishing is a form of identity theft where the user is tricked into connecting to a spoofed website imitating the website of a major company or financial service organization.  Companies’ websites such as PayPal, eBay, Sears, and major financial institutions and credit unions are commonly spoofed by criminals who attempt to persuade the victim to enter personal information, account numbers, credit card numbers, and other sensitive information on the spoofed site.  Various media accounts put the increase of phishing attacks from seven to eighty times more than a year ago.  No reputable company will ever ask you for credit card or personal information in an email.  Fortunately, more protections are currently available to protect us from phishing attacks.  The new versions of the major internet browsers, such as Firefox 2 and Internet Explorer 7 include integral protection against phishing by warning the user of suspicious websites.  Several of the new 2007 versions of software security suites, in addition to traditional antivirus and firewall functions, now also provide protection against phishing, spyware, and other malware attacks, as well as other security functions.  For example, with Trend Micro’s Internet Security Suite 2007 installed (www.trendmicro.com), clicking on a phishing link in an email will immediately popup a warning that the site is illegitimate.  Protecting us from malware is an excellent safe computing resolution.

 

Parallel to the anti-phishing protections, we still need protection from viruses, worms, Trojans, and other malware.  Most current antivirus software includes an automated update feature.  I continue to hear from callers and readers that they update their antivirus every few days, or once a week; that is totally inadequate as well as dangerous.  Most antivirus publishers are now releasing several updates a day, sometimes as frequently as hourly.  Configure the antivirus software to check for updates as frequently as possible.  With about 300 new and altered viruses appearing on a daily basis, very frequent updates are a necessity.  It is dangerous not to update as frequently as practical as it may give the user a false sense of security that they are protected, when in fact they are not.  Updating antivirus software on a constant and consistent basis is an excellent resolution.

 

Another resolution would be to stop forwarding hoaxes, urban legends, and other useless emails.  I still get several sent daily by well intentioned and faithful readers and listeners.  Remember that you will not receive gift cards by forwarding emails, and Bill Gates is not giving away $1000 for forwarding emails announcing new products.  Good luck will not come from forwarding emails, and evil will not befall the user if they break a chain letter email.  Before forwarding anything exciting like a warning, check it out on one of the hoax and urban legend websites, such as Snopes (www.snopes.com).

 

Complete your resolution by promising never to respond to popup ads, and not to reply to spam emails.  Do not respond to get rich quick schemes like the infamous Nigerian 419 money laundering scams (you will not get a share of millions by wiring money), or to fraudulent international email lottery scams.  Do not buy trashy penny stocks based on a spam email touting explosive future gains; you will only be funding a criminal enterprise.

 

These are not all of the safe computing resolutions that we may make, but they are a good start to safe computing.  Safe computing practices should be continuously improved, and now is the best time to start.  Tomorrow may be too late.

 

There is no restriction against any non-profit group using this article as long as it is kept in context with proper credit given the author.  The Editorial Committee of the Association of Personal Computer User Groups (APCUG), an international organization of which this group is a member, brings this article to you.