Regular readers know that Windows Secrets discusses the importance of PC and Internet security almost every week.
But it seems many Windows users never get the message. Here are tips for safe computing in the year 2014. Pass them along.
Rebooting the Windows Secrets Security Baseline
In the Feb. 17, 2011, In the Wild column, “Windows Secrets PC Security Baseline,” we listed the minimal steps every PC user should take to protect digital information. Back then, it was a bit easier because smartphones were not quite as ubiquitous and the first iPad had been released only the year before.
In that column we listed the four key elements for online security: a hardware firewall, antivirus software, an updated browser, and up-to-date applications. To that list, add password management. All those parts are still important. But with the evolution of online threats, the baseline of PC security has risen a notch or two. In this updated Windows Secrets Security Baseline, I’ll review what’s important today. And in a follow-up story, I’ll discuss some advanced security options.
These days, we have a lot of threats and risks to consider. Now that most of us are connected to the Internet 24/7, we face fewer worms and viruses spreading from system to system, but many more zero-day attacks that come through our connections to the Web. And to make matters more worrisome, cyber attackers are now targeting the sources of our Web experience — banks, online shopping, social networks, and many more back-end services.
Given the many ways our digital world might be compromised, I’m actually going to take a step back from the original WS Security Baseline and start with the most basic protection we have at hand: backing up our systems.
Rolling Windows back to the ‘last known good’
Using backups as a security tool isn’t new. About 10 years ago, a Microsoft Security program manager (now working at Amazon) wrote an article on the ways to recover from a system breach. He argued that you couldn’t recover a hacked system with cleaning tools alone; you needed good recovery media or a trusted backup. A decade later, that advice is still perfectly valid. To be assured you have a clean system, you need to recover or rebuild it.
Revisiting the WS Security Baseline: Part 1