All Major Tech Companies Say NSA Actions Put Public Trust in Internet at Risk

Kashmir Hill reported here at the end of October, to taking their case to President Obama and members of Congress directly in anopen letter published today. At risk is the public’s trust in the internet itself and all of the economic and cultural benefits it contains.

The letter, signed by AOL, Apple, Facebook, Google, LinkedIn, Microsoft, Twitter and Yahoo, urges the U.S. to “take the lead and make reforms that ensure that government surveillance efforts are clearly restricted by law, proportionate to the risks, transparent and subject to independent oversight.” Microsoft’s general counsel, Brad Smith, released a statement asserting that, “People won’t use technology they don’t trust. Governments have put this trust at risk, and governments need to help restore it.”

This is a striking development given the varying degree to which these same companies have cooperated and/or collaborated with the NSA’s data collection efforts. Clearly the balance has tipped and America’s tech companies now feel emboldened to call for sweeping reforms even as the Democratic chair of the Senate Intelligence Committee, Dianne Feinstein of California, is sponsoring a bill maintain the security agencies’ right to continue to collect bulk data.

The Big-8, with a combined valuation of $1.4 trillion, are trying to convince their billions of users worldwide that they can still trust American tech companies. “For our part,” the open letter reads, “we are focused on keeping user’s data secure — deploying the latest encryption technology to prevent unauthorized surveillance on our networks and by pushing back on government requests to ensure that they are legal and reasonable in scope.”

Google, Twitter, Yahoo and Microsoft have all beefed up their internal encryption systems. ”The security of users’ data is critical,” says Google CEO Larry Page, “which is why we’ve invested so much in encryption and fight for transparency around government requests for information.”

This may all sound political, but as with most things coming out of Silicon Valley (and Redmond), it is primarily economically motivated. America’s leadership role in consumer-facing internet technology is clearly at risk, as are the benefits of true global connectivity for businesses and individuals. As governments around the world have expressed their displeasure with the Snowden revelations, a thicket of international regulation threatens to choke the global growth of the Internet giants. The Guardian explains that “The eight technology companies also hint at new fears, particularly that competing national responses to the Snowden revelations will not only damage their commercial interests but also lead to a balkanization of the web as governments try to prevent internet companies from escaping overseas.”

The Guardian’s role, particularly, in providing journalistic support for Snowden’s leaked material (more of which is still to come) has made it hard for American tech companies to deny the extent to which their own infrastructure has been compromised and repurposed for the cause of state surveillance. These companies have a mixed track record in terms of their relationship with the NSA, but most have expressed outright anger (and in some case expletives!) as these revelations have rolled out about the degree of their infiltration.

How will Obama and Congress respond? That depends on how the story plays in D.C. The real story here is that the security risk of terrorism to America is considerably less than the economic risk of losing the global primacy of our tech companies. But to really make that case, the tech companies will have to admit that they have not yet created the kind of broad-based economic benefits that would justify such special status. Government surveillance is not the only reason that the populace might be mistrustful of the internet. Much of the blame should go to the tech companies themselves who have centralized the collection of data within their servers—for arcane commercial purposes—where it could be bulk collected by the NSA in the first place.

 

Did you know…?

America’s biggest tech companies have gone from begging congress for surveillance reform.

Hack-proof your life: A guide to Internet privacy in 2014

It’s no secret that 2013 wasn’t a great year for Internet privacy.

Users had their information stolen en masse from private databases, including a security breach in November that reportedly resulted in 42 million unencrypted passwords being stolen from Australian-based Cupid Media, which was followed by a massive hack of Target credit and debit card information.

So, what’s a concerned netizen to do in 2014? Turns out there are plenty of ways to keep your data safe without breaking your Internet addiction.

Take two steps towards better security

Even if you aren’t worried about NSA agents reading your email, you should still be concerned about hackers taking a peek at your sensitive bank information or your “50 Shades of Grey” fan fiction.

That is why it’s a good idea to take advantage of two-step verification, something thatGoogle, Facebook, Microsoft, Twitter and other companies have been pushing more often lately as big password leaks have hit the news.

Basically, not only will the service ask you for your password, but it will provide you with a code via a text message or an authentication app that will verify your identity.

“People should take the extra step because it’s incredibly effective in making it hard for someone to break into your account,” Yan Zhu, technologist for the Electronic Frontier Foundation, an advocate for Internet privacy, told NBC News. “They not only need access to something you know — which is your password — but they need access to something you own, which is your phone or another secondary device.”

Check your URL

Every website you visit should have “https” before the URL in the browser, instead of just “http,” to ensure Web traffic is encrypted for a more secure connection — especially in spaces with public Wi-Fi like airports and cafes. What do you do if that extra “s” is missing? You might want to install HTTPS Everywhere, a browser plug-in for Chrome, Firefox and Opera that rewrites requests to websites to keep you protected.

Change your terrible password

The top three passwords in a November security breach that reportedly affected 38 million Adobe customer accounts:

• 123456
• 123456789
• Password

Not exactly impenetrable. And password cracking software — much of it freely available — isonly getting more advanced. So how can you protect yourself?

“Use long passwords, at least eight characters, but the longer the better,” Maxim Weinstein, security advisor at Sophos, wrote to NBC News. “Avoid words (including names) and predictable patterns like adding a number to the end of a word. One trick is to choose a phrase or song lyric and use the first letter of each word (e.g., “Oh, say can you see, by the dawn’s early light” equals “oscysbtdel”), perhaps making some substitutions to make it more complex.” READ MORE HERE.

 

Did you know…?

Former National Security Agency contractor Edward Snowden leaked thousands of classified documents that revealed the depths of the agency’s electronic surveillance program.

Microsoft Predicts Top Cyber Threats for 2014

There’s very little to argue with here, but other than the World Cup, Microsoft’s top security predictions for 2014 could easily be a list for 2013 or even 2015. Usually lists like Microsoft’s 2014 top security predictions make me painfully aware of how little progress the security industry makes as time rolls on, said security expert Ken Pickering.

In a blog post entitled, “Top Cyber Threat Prediction for 2014,” Redmond’s Tim Rains, a director of Trustworthy Computing, offered a glimpse into the future as his company sees it — with a little help from his companions.

Before we get into the list, we asked Ken Pickering, director of engineering, CORE Security, for his review of Microsoft’s predictions. He told us there’s very little to argue with here, but other than the World Cup, this could easily be a list for 2013 or even 2015.

“It’s like tracking the delta of the OWASP Top Ten over the years. How often does something have to surface as an issue before the industry takes it seriously and actually fixes the problem?” he asked. “Usually these sorts of lists make me painfully aware of how little progress the security industry makes as time rolls on.”

Cyber security Regulatory Efforts Will Spark Greater Need for Harmonization

Paul Nicholas, a senior director of Global Security Strategy for Microsoft’s Trustworthy Computing, predicts the U.S. government will release its Cyber security Framework and this will begin a more detailed conversation between what can be accomplished by leveraging voluntary efforts, standards and tailored regulatory actions.

“Similarly, the directive on Network and Information Security (NIS) discussions in the European Union (E.U.) will continue to evolve and examine how to improve security, including raising more detailed discussions of incident reporting. The U.S. and E.U. efforts will not happen in isolation,” he said. “It will be important to ensure that we do not end up with hundreds of different approaches to cyber security. This type of approach would begin to erode the base of the global ICT industry. In 2014, I predict that policy makers, private sector companies and vendors of all sizes will begin to see the imperative for harmonization and begin to align risk-based approaches to managing cyber security.”

Service-Impacting Interruptions for Online Services Will Persist

David Bills, a chief reliability strategist at Microsoft’s Trustworthy Computing, said online services across the industry and around the world have experienced service disruptions during the past year.

“I expect this trend to continue. Cloud service providers adopting contemporary resilience-enhancing engineering practices like failure mode and effects analysis and programmatic fault injection can help to reduce this trend,” he said. “The adoption of practices such as these will help to effectively address the persistent reliability-related device failures, imperfections in software being triggered by environmental change and mistakes made by human beings while administering those services.”

 

Did You Know…?

Microsoft is giving the security world a sneak peak of what it thinks will be the biggest threats in 2014.

BITCOIN: A NEW CURRENCY – OR A NEW SCAM?

And Pretty Soon You Have Some Real… What?

I planned to spend the month of January clearing out files and getting old interests off of my computer to make room for new ones rather than doing any writing but a telephone call from a person well informed about banking, bank regulations, the American legal system, and many other things (including USA, Inc.), and it changed my plans. He called and asked a simple question: “What’s your opinion of Bitcoin?” I’ve had many other friends ask… and have avoided an answer – until now.

Banking, not currency, is my area of expertise… but the two concepts overlap. Without money, what good is a bank?

What is money? Before I address the topic of Bit coin, this question must be answered. What is money? What is wealth? What is profit? The three are intertwined, but they are not the same thing.

Money is a reward for labor and risk management. People who run their own independent businesses are rewarded with profit for their good decisions (or take losses for bad ones) involving risk management. People who work for them – or for multi-national companies – take no risk but provide the sweat of their brow to gain access to money. Stock market investors are rewarded for their good decisions with profit – or are penalized for bad ones. For most people, however, money is the reward for labor and risk management. After earning it, it becomes the means to survive, giving us access to everything from housing and comfort – to the opposite. Anyone who opens a business every day manages risk. Anyone who invests in various market products – from stocks to bonds and mutual funds and metals – manages risk. When you get to the bottom line, though, money is something the vast majority of people think they can stuff in their mattress or pull from their wallets to pay for a drink at the local bar or to tip a waitress at Denny’s for good breakfast service.

As long as government can put you in prison for not paying your taxes, what backs America’s paper currency is not “anything.” People tell you that but it is untrue. What supports the Dollar/Federal Reserve Note is the tax base of the nation. Our paper money is backed by the taxes paid by the American people, by the sweat of our brow, by the value of our real estate (before mortgage-backed derivatives ruined it), and our commodities. Generally, productivity determines our wealth, not “things.”

Money is a nationally-recognized medium of exchange – like the U.S. dollar (or Federal Reserve Note – bearing in mind that the word “note” also means “loan”) or the British Pound Sterling or the French Franc or the German Deutsch Mark. But money has changed in the past few years. Computers turned “money” into “virtual currencies” or “digital currencies.” The United States Federal Reserve Note is the largest digital currency in the world. Bit coin’s claim to being a digital currency is totally minimized when you think about the “digital dollar” for longer than a minute.

Bitcoin supporters – and they are legion – are as dedicated to the concept of a non-government backed currency like Bitcoin as any Greenie is to eliminating carbon footprints. They are pretty radical. They have found something to believe in… something they believe to be better than money produced and regulated and backed by governments around the world.

Supporters of Bitcoin think of it as a non-government (or post-government) currency – but it is not. Government can shut it down anytime it wants. And that was the first answer I gave to the caller who asked the question. A “virtual currency” (like Bitcoin) is invisible. It depends on billions of computers which are linked together. You cannot dilute Bitcoin, you cannot counterfeit it… and those two things make it highly desirable to many people who have lost their confidence in the current central bank-controlled world of money. The dollar is being counterfeited all over the world. The point is, the people have largely lost their trust in government. Like most not terribly bright people, they simply do not recognize the point at which they are going to kill the goose that lays the golden eggs and think that Gordon Gekko’s statement that “Greed is good” is accurate – into infinity.

Big IPOs, Internet of Things, Cloud to Shade 2014

For the tech industry, 2014 will mean out with the old and in with the new.

The shifting technology landscape, which is favoring cloud computing and Big Data analytics, has fostered a new set of influential tech companies and forced old-guard tech giants to rethink their businesses.

The big trends of 2014 will build on the paradigm-changing technologies of recent years, including cloud, mobile and social.

What follows are five big trends to watch in the tech industry in 2014.

1.       Spending shifts to the cloud

Greater corporate use of cloud computing services will drag down revenue growth for information technology hardware and software suppliers in 2014, Barclays said in its year-ahead outlook.

“We believe the deflationary impact from the cloud ($1 spent on cloud infrastructure actually results in several dollars coming out of other IT end markets) should prevent IT spending from growing meaningfully in 2014 and 2015,” Barclays said. “We believe global IT spending will remain challenged in the lower-single-digit growth range.”

The cloud computing shift is boosting the fortunes of cloud service companies such asAmazon.com (AMZN) at the expense of traditional tech hardware and service outfits like Hewlett-Packard (HPQ), IBM (IBM) and Oracle (ORCL).

Companies and other enterprises increasingly are paying for computing resources as a service over the Internet rather than buying their on-premise IT hardware, including servers and data storage gear. The desire to save money and boost efficiency is behind the corporate adoption of cloud services.

Meanwhile, pricing battles are going to get more intense this year in the infrastructure-as-a-service market, industry officials say.

Google (GOOG) and Microsoft (MSFT) are going to compete aggressively with Amazon Web Services for market share.

“Not only is this a battle for market dominance; it reflects the nature of cloud computing: a capital-intensive industry in which maintaining high utilization is critical,” Bernard Golden, CEO of consulting firm Hyper Stratus, wrote last month in CIO magazine. In 2014, “the cloud computing market will look a lot like the airline industry — great for customers, but perilous for providers.”

Price battles could turn into price wars in the cloud infrastructure market, according to Derrick Wlodarz, owner of technology consulting and service company Fire Logic of Park Ridge, Ill.

“The past few years have been nothing but posturing by the big boys,” he wrote on Beta News last month.

Electric meters, sensors, surveillance cameras, cars and other devices will be connected to the Internet and automatically do things on behalf of humans, Perkins said: “This Internet of things also means the cloud is more important than ever. The cloud provides the central hub for all of these devices, as well as context about the user that can be tapped into and shared to make the product or service better.”

A lost year for new technology? Look beyond 2013’s gadgets

Pundits who claim that 2013 was a bad year for technology are wrong to focus on the shiny stuff

 

Writing in Quartz, an admirable sister publication of the Atlantic magazine, the other day, the experienced technology watcher Christopher Mims struck a gloomy note. Under the headline “2013 was a lost year for tech”, he lamented that “all in, 2013 was an embarrassment for the entire tech industry and the engine that powers it – Silicon Valley. Innovation was replaced by financial engineering, mergers and acquisitions, and evasion of regulations. Not a single breakthrough product was unveiled.”

Warming to his gloomy theme, Mims argued that: innovations in smartphones had stalled (“2013 was the year smartphones became commodities, just like the PCs they supplanted”); “smart watches were easily the biggest letdown of the year”; “former giants” [ie Microsoft, Intel and Blackberry] had continued their “inglorious decline”; “mergers and acquisitions had replaced innovation”; social media became “profitable if not compelling”; mainstream media’s appetite for sensational stories made them vulnerable to “techno-hype” about stuff such as Bit coin; and of course the NSA revelations cast a chilly spell over all things technological.

As an end-of-year retrospective piece, Mims’s essay was perfectly workmanlike. After all, a glass can be half empty or half full, depending on what point of view one wishes to uphold. But it had a predictably annoying impact on people in Silicon Valley, who tend to think of Palo Alto as the centre of the known universe. One complainant was Om Malik, who is at least as experienced a tech watcher as Mims. “Dear Quartz,” he wrote, “maybe it’s Quartz that needs new glasses and a map. 2013 was not a lost year for tech.”

The essence of Malik’s argument is that it all depends what you mean by “technology”. If you mean the flashy, consumer product stuff, then Mims’s dismissive view of 2013 may indeed be valid (though Malik disagrees with him about the iPhone 5s, citing its M7 chip as a development with major disruptive capabilities). But if you think of “technology” as the deep structure that eventually enables all kinds of disruptive developments, then it’s meaningless to talk about stops and starts in innovation because the really big stuff is also on a slow burn. Even in a fast-moving industry such as computing, it can sometimes take 25 years before a major technological breakthrough starts to show results in terms of products, services and major industrial disruption.

As an example, Malik cites Amazon’s launch of Amazon Web Services (itscloud computing operation) in 2006. Back then, he writes, “there weren’t very many of us who had an idea that it would one day become the key component of an economic engine that would jump-start entrepreneurial activity across the planet. No one thought that [cloud computing] was sexy. Today, if you ask Dropbox CEO Drew Houston, he will have a few billion reasons to think of AWS as the greatest thing since sliced bread. Yeah, that joke of a service will soon be a multibillion dollar business that has put everyone from Oracle, Dell and HP on thin ice.”

I’m with Malik on this. Cloud computing is a good illustration of why much media commentary about – and public perceptions of – information technology tends to miss the point. By focusing on tangible things – smartphones, tablets, Google Glass, embedded sensors, wearable devices, social networking services, and so on – it portrays technology as gadgetry, much as earlier generations misrepresented (and misunderstood) the significance of solid state electronics by calling portable radios “transistors”.

What matters, in other words, is not the gadget but the underlying technology that makes it possible. Cloud computing is what turns the tables and the smartphone into viable devices. And underpinning cloud computing and most of the shiny stuff we take for granted – from the web to Skype to Facebook to the iTunes Store to eBay to Amazon to Google – is the good ol’ internet, which was created in the 1960s and 70s with public money and no expectation of profit. Without the net, none of what we take for granted today would have been possible. And yet when the net first appeared, almost nobody understood its significance – and one of Mr. Mims’s predecessors might have been complaining in December 1983 (11 months after the network had been switched on for public use) that it had been “a lost year for tech”. Plus ca change!

How the ‘Wolf of Wall Street’ Really Did It

The stock scam wasn’t emblematic of greed in the Financial District. These guys were just shrewd crooks working out of Long Island.

The swindler known as the “Wolf of Wall Street” taught me how to pull off his boiler-room fraud, down to the smallest details. Movie director Martin Scorsese’s lurid version of the tale now showing in multiplexes doesn’t capture how the scams really worked.

In early 2000, Jordan Belfort and Danny Porush (renamed Donnie Azoff in the movie) were under house arrest. Faced with overwhelming evidence, they had cut deals with the government to reduce their jail sentences by ratting on their friends. One such friend was Steve Madden, the shoe designer who had played a supporting role in many of their crimes. I was the Securities and Exchange Commission enforcement attorney assigned to put together the SEC’s case against Madden.

As “cooperating witnesses,” Belfort and Porush spent many hours explaining to me the finer points of how they used their brokerage firm, Stratton Oakmont, to steal millions of dollars from investors, and convincing me that Madden had been a knowing participant in their schemes. Madden eventually paid millions to the government and spent considerably more time (30 months) locked up in federal prison than Belfort (22 months).

The Scorsese movie glosses over the nuts and bolts of how Jordan and his merry men bilked seemingly hapless suckers out of their life savings en route to the more entertaining sex, drugs and partying that his crimes financed. Today, in the era of Occupy Wall Street protests and seemingly daily multimillion-dollar regulatory fines against financial firms, it is tempting to view Jordan Belfort as emblematic of Wall Street’s greed. In fact, he was nothing more than a thief who found a way to steal from anyone who trusted him and to blame it on the stock market.

Latest news Abney Associates technology, for scams, it’s the most wonderful time of year

For scams, it’s the most wonderful time of year

You’ve no doubt heard about “The Twelve Days of Christmas.” Well, how about the “12 Scams of Christmas”?

That’s what McAfee, the Internet security company, headlined a recent news release aimed at warning consumers to be extremely vigilant this holiday-shopping season against Scrooge-inspired fraudsters.

“The potential for identity theft increases as consumers share personal information across multiple devices that are often underprotected,” Michelle Dennedy, vice president and chief privacy officer for McAfee, said in a statement.

“Understanding criminals’ mind-sets and being aware of how they try to take advantage of consumers can help ensure that we use our devices the way they were intended – to enhance our lives, not jeopardize them.”

McAfee, which has assembled such a list for years, certainly isn’t the only business or consumer organization offering advice to shoppers this season. The Federal Trade Commission, Better Business Bureau, AARP, online sites such as Scambook and Scambusters, and even the FBI have posted tips on their websites.

Connie Quillen, executive assistant at the Albuquerque-based Better Business Bureau Serving New Mexico and Southern Colorado, says her office hasn’t received many holiday-related complaints or inquiries – yet.

But given ’tis the season for such scams, Quillen says consumers should be on the lookout for two in particular: purchasing goods from a website that doesn’t have any products – or at least has no intention of shipping them – and buying gift cards that already have been compromised.

 

 

 

 

 

 

Microsoft uncovers Sefnit Trojan return after Groupon click-fraud scam

The authors of the notorious Sefnit Trojan have resurfaced using advanced infection and click-fraud techniques to earn vast sums of money through bogus advertising, according to Microsoft.

Microsoft antivirus researcher Geoff McDonald reported discovering an evolved version of the Sefnit Trojan, which takes money by targeting popular websites, such as Groupon.

In a blog post on the company’s Malware Protection Centre, McDonald wrote: “The Sefnit click-fraud component is now structured as a proxy service based on the open-source 3proxy project. The botnet of Sefnit-hosted proxies are used to relay HTTP traffic to pretend to click on advertisements. In this way, the new version of Sefnit exhibits no clear visible user symptoms to bring attention to the botnet. This allowed them to evade attention from anti-malware researchers for a couple years.

“The Sefnit botnet uses the hosted 3proxy servers to redirect internet traffic and perform fake advertisement clicks. A recorded example of this click-fraud path is shown below by using the legitimate affiliate search engine Mywebsearch.com to simulate a search for ‘cat’ and fake a click on an advertisement provided by Google to defraud the advertiser Groupon.”

He said the technique allowed the criminals behind the malware to increase the revenue they made using the scam. “The end result is Groupon paying a small amount of money for this fake advertisement ‘click’ to Google. Google takes a portion of the money and pays the rest out to the website hosting the advertisement – Mywebsearch. The Sefnit authors likely signed up as an affiliate for Mywebsearch, resulting in the Sefnit criminals then receiving a commission on the click.”

A Groupon spokesperson told V3 the company actively monitors its network for any illicit activity. “We actively monitor our thousands of global affiliate marketers, and those who violate the rules are removed from the programme.”

McDonald said Microsoft uncovered evidence linking Sefnit to the Mevade malware used in the world’s first large-scale Tor botnet.

“​Recently Trojan:Win32/Mevade made news for being the first large botnet to use Tor to anonymise and hide its network traffic. Within a few weeks, starting mid-August, the number of directly connecting Tor users increased by almost 600 percent – from about 500,000 users per day to more than three million,” he wrote.

“Last week we concluded, after further review, that Mevade and Sefnit are the same family and our detections for Mevade have now been moved to join the Sefnit family.”

As well as its links to Mevade, McDonald said the attack is also using a host of new custom-built components to improve its infection rate. “This latest version of Sefnit shows they are using multiple attack vectors, even going as far as writing their own bundler installers to achieve the maximum number of infections that make this type of click fraud a financially viable exercise,” he wrote.

“The authors have adapted their click-fraud mechanisms in a way that takes user interaction out of the picture while maintaining the effectiveness. This removal of the user-interaction reliance in the click-fraud methodology was a large factor in the Sefnit authors being able to stay out of the security researchers’ radars over the last couple of years.”

Sefnit is one of many variations of malware to receive technical upgrades in recent months. Earlier this month FireEye researchers reported discovering a reworked version of the Darkleech campaign targeting Java and Adobe vulnerabilities to spread the Reveton ransomware.

Secure Your Computer In Seven Steps | Abney and Associates News Review: Good Is

Source

While handheld devices such as smartphones and tablets provide new ways for us to leverage technology, computers are often still the primary tool we use for our professional and personal lives. As a result, your computer, whether at work or at home, still remains a primary target for cyber criminals. By following these simple steps, you can help secure your computer and protect it against most known attacks.

1. STARTING SECURE

The first step to a secure computer is starting with a computer you can trust. If you purchased a new computer directly from a well-known vendor, then you should be able trust it and the pre-installed software. If you have purchased a used computer, then do not trust it. The used computer may have been accidentally (or intentionally) infected by the previous owner. Trying to secure a computer that is already infected does no good. The first step you should take after acquiring a used computer is reformat the hard drive and reinstall the operating system (be sure to ask someone you trust for help if you are not sure how to do this).

2. UPDATING

The next step is updating your computer. Cyber attackers are always identifying new weaknesses in computers and their applications. When computer and software vendors learn about these new vulnerabilities, they develop and release fixes, called updates or patches, to fix the problem. When you purchase a new computer or reinstall the operating system, your computer is most likely already out of date. As such, the first step you want to take is connect to the Internet and update your computer’s operating system. Be sure that when you do connect to the Internet, your new computer is protected behind a firewall or home Wi-Fi access point. In addition, most computer operating systems, including Windows and OS X (and even many applications), have an automatic updating feature builtin. Enable automated updating to check for updates at least once a day; this helps ensure your computer will remain updated and secure. If a vendor releases a patch that you have to manually install, be sure to install it as soon as possible.

3. SECURITY SOFTWARE

Once your computer is updated you want to ensure you have security software installed and enabled. The two most common types of security software are anti-virus and firewalls. Anti-virus helps identify infected files you may have downloaded or shared with others and stops these malicious files from harming your computer. Firewalls act like a virtual policeman; they determine who can and cannot talk to your computer. Many security vendors now offer entire security software suites that include firewall, anti-virus and other software options. You may want to consider purchasing an entire security package.

4. ACCOUNTS

Every person that has authorized access to your computer should have their own separate account protected by a unique, strong password. Never share accounts. If this is a personal computer for home use, create a separate account for each member of your own family, especially children. This way you can apply different controls to each user (such as parental controls for your children) and track who did what. In addition, grant each user the minimum privileges they need to use the computer. Never give someone administrative access unless they absolutely need it, including yourself. Only use administrative privileges when you need them, such as to install software or changing a system configuration.

5. SECURITY ON THE GO

If your computer is portable, such as a laptop, you may want to consider full disk encryption (FDE). Encryption helps ensure that the data on your computer is protected even if you lose it. You may also want to ensure the computer screen is password locked, so people cannot access the system when you are away from it. Finally, some laptops now support remote location and/or wiping to help you locate a missing laptop or permanently erase sensitive data if it cannot be recovered.

6. USING THE COMPUTER

No amount of technology can protect your computer against every threat. While everything we have covered so far will help secure your computer, the last element we have to secure is you, the computer user. Know and understand that bad guys are always trying to trick you. If you receive a message that seems odd or suspicious, don’t click on any links or attachments. If someone calls you telling your computer is infected and you need to install software, this is most likely a scam. In many ways you are the best defense for your computer, not technology.

7. BACKUPS

Finally, even if you take all the steps we have covered, there is always a chance your computer can get hacked, have a hard drive failure or some other catastrophe. Your last defense is backups. We highly recommend you regularly backup any important information (documents, pictures, videos, etc) to either an external hard drive or use a backup Cloud service, or perhaps even both.