By Calder Phillips-Grafflin
How many of you are concerned about the security of your computer? For those of you who answered no, are you prepared to handle losing all of your files? Having your online banking hacked? I didn’t think so.
Computer security is a real problem that doesn’t just affect you; it affects everyone, Windows, Linux, UNIX, and Mac users alike. That’s the message of the new STOP.THINK.CONNECT. campaign from the Anti-Phishing Working Group (APWG), National Cyber Security Alliance, and a number of major technology companies including Microsoft, Intel, Google, RSA and many others.
The main goal of the STOP.THINK.CONNECT. campaign is to give people an idea of what “safe computing” means. That doesn’t mean going out, buying an antivirus subscription and forgetting about it. It means thinking about security every time you use a computer (remember, your phone is a computer, too), and developing good habits.
In the words of security expert Bruce Schneier, “Security is a process, not a product.” It isn’t hard to develop these secure computing habits, but it can be hard to realize just what constitutes ‘unsafe’ computing.
What exactly is ‘unsafe’ computing? It means anything from connecting to unsecured Wi-Fi networks to forgetting to update your computer. Less obvious are the little things. Passwords should not only be strong, but also unique. Think about it this way: every time you set up a new password for service X, they probably have enough information about you to find your account at service Y. If both of your accounts use the same password, they have enough information to access both. There isn’t a simple answer to security, either; increased security usually comes at the cost of decreased usability, and finding the right balance here can be hard.
That being said, there are always a few basic things you can do to improve the security of your computer. For Windows users, secure computing means turning off AutoPlay/AutoRun, using User Access Control (UAC), and using a non-administrator account if possible. For Mac users, it’s running an antivirus and a firewall.
And for Linux/Unix users, that means using the ‘root’ account as little as possible.
Keep in mind that malware spreads not just over the internet, but also from USB drives, CDs and DVDs. If you really care about security, and are willing to adapt your computing habits, then I’d suggest using Linux and running Windows and Mac in a virtual machine.
Truthfully, the real shame of STOP.THINK.CONNECT. is that it represents the first real public service campaign for computer security in the U.S. This comes almost thirty years after the first computer virus and eight years after Microsoft’s Trustworthy Computing Initiative. Threats to safe computing will only continue to increase, especially as countries continue to realize just how easily malware can be turned into a weapon. STOP.THINK.CONNECT. is right to call computer security an issue of national security, but it may come far too late to do anything about it.