Community Pick: Many members of our community have endorsed this article.
Editor's Choice: This article has been selected by our editors as an exceptional contribution.

Internet security for the home user

TeksquisiteSecurity Technology Editor
Published:
Updated:
12 Steps to a more secure Internet experience

Everyone who is a licensed driver initially had to pass a driving test that consisted of taking:

   1. a written test
   2. a road test
   3. a vision test

Learning traffic laws and knowledge of what each road sign means is integral in facilitating an orderly and timely flow of traffic. Common sense dictates that all good drivers will attempt to avoid collisions with vehicles, objects, and pedestrians.

Do you know how to drive on the Internet?

Having little or no Internet knowledge can greatly impede Internet security concerns and expose home users to viruses, malware, botnets, rootkits, and a host of other data breaching vulnerabilities.

In essence, home users are the unlicensed drivers of the Internet. There are no prerequisite tests to pass. Anyone can use the Internet as long as they have the correct components and services. All you need to get on the Internet is hardware (computer and modem) and an Internet Service Provider (ISP), and you are good to go!

In reality, the Internet is the Wild Wild West of the 21st century. We do not want to live by government regulation or censorship, but, at the same time, most of us want to be able to travel the Internet safely.

The Internet itself is a dichotomy. It is the weakest link in attracting unscrupulous characters; the strongest link in disseminating information; entirely dependent upon a global backbone to support its digital structure; and independent of global boundaries. The Internet is the Yin and Yang of the information age; though ostensibly robust, it is the same time extremely vulnerable to client-side, web application, and zero-day vulnerabilities.

Where should you begin?

There should be some simple rules in place that all home users should follow prior to using the internet. You should (at minimum) read Internet 101 from wiredsafety.org to learn the basics.

Internet security for the home user should involve a layered approach.
 
The best way to do security is in layers...think about a slice of swiss cheese. Any individual slice is full of holes, but if you get two slices, and place them on top of each other, they cover up most of each other's holes.  Get a third slice, and there are no holes left.

Computer security works the same...that way, each layer only has to be 80% effective, but if you have enough layers, there are no holes left, and that's important, because the more you strive for 100% with any one layer, the bigger and fatter it gets, with more potential for conflicts and issues.  -- Roger Thompson, Chief Research Officer, AVG
When using a layered approach you would not depend upon just one security suite to become the total answer for all of your Internet security needs. Any single defense can be flawed. Instead, you should rely upon a combination of security products and strategies to effectively manage your Internet security.
 
“Layered security is about multiple types of security measures, each protecting against a different vector for attack.” -- Chad Perrin, TechRepublic
Within the various security suites there is generally one or more components that may suffer a weakness or two. For example:  BitDefender Internet Security 2010 has an excellent anti-virus scanner but has weak anti-spyware scanning capabilities.  Though Webroot Internet Security Essentials 2010 rates high overall, the firewall is time consuming and difficult to configure. The suite also lacks parental controls, though they do offer a parental control product that is sold separately. Though Trend Micro Internet Security Pro includes an exhaustive feature base including backup and registry cleaning, their terminology differs from the industry standard and could potentially confuse a new user.

12 Steps to a more secure Internet experience

Review the Security Checklist Here

1. Test PC security at a trusted site (see security checklist)

2. Do not use a windows administrator account to surf the Internet. Microsoft recommends Setting up a Limited User account for Internet use.

If you are using an administrator account to surf the web and you get attacked from malicious software, the attacker can gain access to your computer through the administrator account. On the other hand, if you are using a limited account and get attacked from malicious software, the attacker only has limited access and won’t be able to do much of anything! (see security checklist for instructions)

3. Always create STRONG passwords.

Use strong passwords to keep the bad guys out, this should be your first line of defense. Never use personal details or easy to guess passwords, and do not use the same password at every online site!

4. Keep your PC updated using Windows automatic update

5. Keep your anti-virus software (suite) up to date (be sure it is set to auto-update).

6. Run anti-spyware/anti-malware scans on a regular basis (see security checklist for instructions)

7. The ideal firewall configuration consists of both a software and a hardware firewall

A software firewall is software program that helps protect a computer from unauthorized access. It has built-in filters  that can prevent dangerous material from entering your computer.

A Hardware firewall can provide a strong degree of protection from most forms of external attack and can be configured without much configuration difficulty. A hardware firewall is generally a small metal or plastic box filled with plug openings or ports. You would hook your computer up to this metal or plastic box via a network cable. Hardware firewalls do not prevent viruses.

8. Scan and detect application and plug-in vulnerabilities by using a software vulnerability scanner

Scan with Secunia PSI – This Personal Software Inspector program is automated and designed to scan and detect vulnerable, out-dated applications and plug-ins that expose your PC to attacks.

9. RUN a Host Intrusion Prevention System [HIPS]
 
In general terms a HIPS program seeks to retain the integrity of the system in which it is installed by preventing changes to that system from unauthorized sources. Normally it does this by generating a security popup alert asking the user whether any change should be authorized. -- Gizmo
10. Use link scanners for Internet protection from malicious websites (see security checklist)

11. Delete all Flash cookies on a regular basis (see security checklist)

12. Always BACK-UP. Back-up your back-up too!

Now that we have covered security basics you should get better mileage out of your Internet experience.  For excellent Internet Security updates follow Security_FAQs on Twitter.  Be sure to follow his security lists too!

http://twitter.com/Security_FAQs/internet-security-2

http://twitter.com/Security_FAQs/internet-security-3

http://twitter.com/Security_FAQs/internet-security-4

Until next time — Stay safe online!    
2
4,746 Views
TeksquisiteSecurity Technology Editor

Comments (3)

TeksquisiteSecurity Technology Editor

Author

Commented:
Thank you - more to come your way in the near future - :)
It’s actually a cool piece of info about home users regarding internet security. I’m satisfied that you shared this helpful information with us.
Please keep us up to date like this. Thanks for sharing.
http://www.colblog.com/best-pc-tune-up-utilities
Jaime LewisMarketing Account Manager

Commented:
Hey teksquisite! It looks like that link at the beginning of your article is broken.

Have a question about something in this article? You can receive help directly from the article author. Sign up for a free trial to get started.