Your computer is important for your day to day activities—surfing the web, checking emails, banking and maybe even shopping.
However if you don’t protect your computer properly, you are putting yourself and possibly your family and friends at risk. So make sure it is protected from harmful emails and viruses, and from unauthorised people accessing your internet connection and personal information.
By following the steps below you can:
- develop safe online habits and plan an effective approach to online security
- protect your computer from malicious software such as viruses or spyware
- prevent any unauthorised person from using your computer
- make sure no one can secretly use your internet connection, and
- recover important information if your computer is stolen.
Step 1: Set and protect your passwords
A password on your computer is like a lock on your front door—it prevents strangers walking into your house and stealing your possessions. Using a password and changing it regularly makes it hard for other people to access the information on your computer.
When you have set a password, your computer will ask you to enter the password whenever you turn it on or ‘wake it up’ from its screen saver.
Passwords aren’t absolutely unbreakable, but they can strongly deter unauthorised people from using your computer.
How to set and protect passwords
- Choose a ‘strong’ password.
Using strong passwords can help protect them from being 'cracked' or guessed. A strong password consists of:
- a minimum eight characters
- a mix of upper and lower case letters
- at least one numeral, and
- at least one non-alpha numeric character—for example, a symbol.
With the computing power and resources available today, it is estimated that a password with these features would take several years to crack. Passwords with fewer characters that have all letters or all numbers can be cracked within a few minutes. Strong passwords can still be captured by some types of malware designed to capture key strokes and stored passwords on the computer, so a strong password is not a substitute for implementing good security practices more generally.
- Avoid using dictionary or foreign words. Hackers have many tools, such as dictionary programs, to assist them.
- Avoid passwords that would be readily identifiable or easy for anyone to guess, such as your name or business name.
- Never share your password with anyone. Passwords are often used to protect personal or financial information, so they need to stay private.
- Memorise your password if you can. If you need to write it down in order to remember it, hide it somewhere safe.
- Change your password at least twice a year—consider making a diary entry to remind yourself.
- Never send your password via email or store your passwords in plain text on your computer. Listing your passwords and accounts in a spreadsheet on your computer could lead to someone compromising all your accounts.
- Never reuse old passwords. Use a completely new password every time you change your password.
- Use different passwords for different systems—otherwise if one is compromised it may give an attacker access to a range of online accounts. For example, use a password for online banking that is different to the ones you would use for email or social networking.
- Be careful using your password on a public internet terminal (such as an airport or internet cafe). Read more about how to protect yourself when using Public computers.
Top tip for password creation
To make a password easy to remember, think of a pass phrase and then change some of the characters to make it a strong password. For example:
- Be good, be wise can be modified to: B3g00db3wi5e$
Step 2: Use and update anti-virus software
Use anti-virus software to prevent viruses from damaging your computer. Anti-virus software helps prevent infections from a wide range of malicious software (also called malware). Malware can be transmitted by downloading infected programs from websites or clicking on a web link in an email.
Computer malware is a serious threat. It can:
- steal your passwords or other personal information
- allow a criminal to take control over your computer in support of other criminal activities
- allow a criminal to impersonate you online, resulting in theft of your identity and fraud
- slow down your computer
- corrupt or destroy files
- delete files, and/or
- automatically forward the virus to other computers without your knowledge.
Fortunately there is effective anti-virus software available that checks for and removes most computer viruses and can protect your computer from being infected by viruses.
Step 3: How to install and use anti-virus software
- Install and activate anti-virus software on your computer. Most computers bought in the last few years have trial anti-virus software already installed on them.
If you don’t have any anti-virus software on your computer you can:
- select and install a commercial product of your choice, or
- select a free for non-commercial use software product
- Some free products are as good as commercial products or better. It is better to have up-to-date free anti-virus software than expired commercial software that has passed its licence period, or no anti-virus software at all. Make sure your anti-virus software is always turned on and set to scan incoming and outgoing email. When the subscription is due, renew your anti-virus software or replace it with a similar product.
- Set your security software to automatically update. New viruses are circulated on the internet regularly, so it is important that you anti-virus software is up-to-date.
Most of the well-known anti-virus software can be set to automatically check the vendor's website for updates to the anti-virus software. It can install updates on the computer immediately or at your nominated time. Activating the automatic update feature will ensure you remain protected.
- Check your computer is not already infected with a virus. If it is infected, remove the virus. To check if your computer is infected with a virus and remove it, run your anti-virus software and follow your instructions. You should run your anti-virus software at least once a week.
- Install anti-spyware software, a firewall and an anti-spam filter. This will ensure that you are protected against viruses, spyware and hackers.
- Be smart about using the internet to prevent viruses.
- Do not open email attachments if you do not know the sender.
- Scan email attachments with anti-virus software before opening them.
- Only download files from reputable internet sites.
- Be wary when exchanging files with colleagues or friends.
- Never click on hyperlinks in emails received from unknown sources.
- Keep yourself informed about latest security threats. Subscribe to email notification services that keep you informed about the latest in security problems and solutions. You can sign up for the free E-security Alert Service from this website.
Alternatively, your anti-virus software vendor may have an email alert system. Look for a 'keep informed' tab or section on the software’s main screen.
Step 4: Install and use a firewall
A computer without a firewall is like a house without doors—there is nothing to control who or what enters or leaves.
A firewall monitors information going in and out of your computer. It can be in the form of a software program or a piece of hardware. It is designed to let through the websites and files you want to view on the Internet and block those that you don't.
Have a firewall permanently turned on as the first line of defence against viruses, spyware and hackers. Always use a firewall, as well as anti-virus and anti-spyware software.
It is important to have a firewall to ensure that you can control what is being installed on your computer. For increased security, any computer or computer networks connected to the internet should have firewall protection.
How to install and configure a firewall
There are two types of firewalls—software firewalls or hardware firewalls. Many people use both forms because most computers and modems often come with firewalls.
To check if your computer has a software firewall look in the main program menu for any program name that mentions security or firewalls.
It is important to configure your firewall properly so it can protect your computer. Some firewalls have tutorials that can help you configure your firewall properly. You can also look into the help section in your firewall program.
A firewall monitors information going in and out of your computer. According to a predefined set of rules. A firewall cannot block all forums of malicious traffic but it can help stop types of attack.
There is a wide range of other specialist software available that provides a good level of protection. Some software is available as 'freeware', i.e. at no cost to home users, although some of these may have fewer functions.
For people with broadband connections, the dual function modem-router provides connectivity to the internet and the ability to restrict inbound and outbound connections in the same way as a firewall. This helps stop hackers getting access to your computers.
Routers use private address ranges by default for the internal network as an additional security feature which helps protect computers on your home or business network.
If you have doubts about hardware firewalls on any device in your home or office, look up the website of the hardware vendor and do a search for the term 'firewall'.
Step 5: Smart settings for your web browser
A web browser is the software we all use to view websites. Today most computers come with a web browser already installed. However, there is no guarantee that the web browser has been set up with the right security settings for your needs. Hackers know how to exploit web browser settings, so it is important to select the right settings to protect your personal information.
The higher you set your security levels, the fewer options and functions you will have available, but your internet access will be more secure. You have to decide on the right balance for you between being as secure as possible and experiencing every feature of every website.
How to configure smart settings for your web browser
- Look for your browser's security functions (these can usually be found in one of the drop-down menu items) and set them to the level most suitable for your needs. Most browsers provide advice on each of the security settings and explain the advantages and disadvantages of enabling or disabling functions and high and low security settings.
- Visit the website of the vendor whose browser you use to learn more about its security settings. If a vendor does not provide information on how to secure the browser, it is important to contact them and ask for it.
- If you are given the option of choosing security levels, but you are in doubt about the right one, set the level to high. However, it is important to understand that the higher you set your browser security settings, the more you may limit, or restrict completely, the functions you can perform on the internet. This may limit your experience using some websites.
- Keep your web browser up-to-date by visiting the vendor's website frequently. Most internet browsers provide a facility that alerts you to updates and possible security problems and explains how to fix them.
Step 6: Reduce unwanted emails—managing spam
Spam is the internet equivalent of junk mail in your letter box. Spam emails are commercial electronic messages that have been sent to you without your consent. Senders often attempt to buy, sell or advertise goods, services, land, investment opportunities and so on through spam.
Spam not only fills your inbox with annoying, unwanted messages, but also costs you the time it takes to delete them. And if the spam problem is particularly bad, you may encounter increased costs because they may use your monthly download allowance.
Viruses and spyware are often sent as spam so it is important to have systems to deal with spam safely.
How to reduce unwanted emails (spam)
How to reduce spam getting through to your email box
It is possible to take steps to reduce the amount of spam you receive. You can:
- activate any spam filtering options that your Internet Service Provider (ISP) offers—check their website
- install a spam filter to stop spam emails getting to your inbox—you will find spam filters through your preferred search engine and your ISP may list effective spam filters on its website, or
- activate any spam filtering function provided by the email program you use.
How to deal with any spam that gets through to you
There are a number of steps you can take.
- Add the spam address to 'junk senders'. Most email programs have the ability to add them to a 'junk senders' list which blocks them next time they try send email to you.
- Do not respond to spam from unknown sources—do not use the 'remove' or 'unsubscribe' link or click on any button in the email such as Quit. These links can be used to confirm that an email account is active, and can lead to even more spam being sent.
- If the source seems genuine, and the message appears to promote a legitimate Australian business, contact the business and ask them to take you off their mailing list.
- Do not open attachments in any messages if the source of the message is unknown or is suspicious.
- Report spam to Computer emergency Response Team of Mauritius(CERT-MU) on www.cert-mu.org.mu
Step 7: Control your internet connection
More and more Australians are connecting to the internet using a broadband connection, whether it is ADSL, wireless or cable.
Broadband enables you to be constantly connected to the internet at a faster speed. However, a faster internet connection is more attractive to people who want to gain illegal access to your computer.
However there are a number of things you can do to make sure you can control your internet connection and stay smart online.
How to control your internet connection
- Always turn off your internet connection when you aren't using it.
- Follow Steps 1 to 6 in this section to ensure your computer is protected when you are online.
- Follow Steps 1 to 7 transact safely online.
Step 8: Back-up your data
Create a copy of all the data and programs on your computer and keep it in a secure place.
Creating a copy or a back-up of data is a sensible and easy way to help you recover your information from your computer if a virus destroys your files, or your computer is stolen or destroyed in a fire.
Consider the financial risk and frustration if you lost all the data on your computer as a result of a fire or a virus can be just as destructive.
You can either:
- back-up all the data and certain programs on your hard drive each time you do a back-up, or
- perform incremental back-ups, which means that you only back-up the files that have changed since the last time you backed up.
How to back-up your data
- Assess what data and programs on your computer need to be backed up and how often. For example, you will need to back-up operating and applications software when it is purchased. Once a week may be appropriate to back-up current and past client folders, email folders and files to do with your office, home accounts and finances.
- Select a back-up device that is large enough to store the backed-up files and fast enough so it is not too time-consuming to do back-ups. Examples include CDs, DVDs, memory sticks or an external hard drive.
- Make a repeat note somewhere obvious, such as in an office diary, reminding you to do the back-up.
- Test the data that has been backed-up to make sure the process is working properly.
Store the back-up copies in a safe location away from your computer systems i.e. away from your home or business premises.
Step 9: Be smart about sharing files
Be smart about security when sharing files with others via email, CDs, memory storage devices or peer-to-peer sharing systems.
The internet, email and devices for transporting files such as CDs and memory sticks have made it easy to share files with colleagues and friends. It is now a common thing to do. But you need to have your security software activated (firewall, anti-virus and anti-spyware) when sharing files because some files may contain viruses and spyware.
Another form of swapping files is called 'peer-to-peer file-sharing'. This term refers to a system that allows a person to make specific files on their computer available to anyone, anywhere on the internet, who has the same file-sharing software. This software allows its network of users to see and download files from the computers of all the network members who are online at the same time.
Peer-to-peer file-sharing has received a lot of publicity because it is widely used for sharing files such as music or computer software. Be careful. Sharing some files may contravene copyright laws.
How to be smart about sharing files
Receiving files via email
- Never open an attachment from a source you don’t know or are unsure about.
- If you are comfortable about the source of the file, scan the file before opening it using your anti-virus and anti-spyware software. You might know the person who sent it but they may not know that the file they are sending you contains a virus or spyware.
- Set your anti-virus and anti-spyware software to scan every incoming email and attachment automatically.
Receiving files via portable storage devices
Portable storage devices could be a CD, DVD, memory stick or external hard-drive.
- Never connect or insert a storage device into your computer or open any files on it if you are unsure of its origin or owner.
- If you are comfortable about the source of the device, scan it before you open any file using your anti-virus and anti-spyware software. You might know the person who gave you the storage device but they may not know that the file on it that they are sharing with you contains a virus or spyware.
Sending files via email
- Make sure you scan every outgoing email and attachment using your anti-virus and anti-spyware software. This is easily done by turning this feature on permanently to scan automatically whenever you send an email.
Sending files via portable storage devices
- Once the file is saved to the portable device, scan the whole device using your anti-virus and anti-spyware software.
Step 10: Secure your wireless internet connection
Many of the latest computers come with the ability to connect to the internet and other nearby computers without the need for wires or cables, using a wireless connection. Instead of wires or fibre-optic cable, wireless technology uses radio waves and/or microwaves to transmit the data similar to a mobile phone or radio.
If you are using a wireless connection to connect to the internet, or between other computers in your office or home (i.e. a wireless network), make sure you can protect your connection. If you don't secure your wireless connection properly, people in your neighbourhood may be able to use your internet connection or access the information on your computer.
How to be smart with your wireless internet connection
- Set a strong password. Wireless hardware and software usually comes with a default password set by the manufacturer. These are standard passwords that any unauthorised person with the intention of accessing your wireless connection is likely to know. Make sure the wireless hardware and software you are using have strong passwords.
- Turn off your broadcast. Restrict how many people in your neighbourhood can 'see' your wireless network by:
- turning off the feature that automatically and constantly broadcasts your wireless network's name (this is called the SSID)beyond your premises into the local area, and
- reducing the power of the transmission (if your wireless equipment allows it) so it reduces the distance that the signal carries.
- Turn encryption on. Make sure you have encryption turned on in your wireless software settings. Encryption means to take data and scramble it according to a particular formula in such a complex way that it is extremely difficult for anyone without the formula to make sense of it. The formula is separated from the data until it is needed to unscramble it. This makes it very hard for anyone on the internet who somehow manages to intercept your transmitted data to make sense of it.
- Turn WPA on. Choose the strongest encryption method available. WEP offers the most basic protection and should only be used if there are no other options available, such as WPA or WPA2.
- Restrict access. Restrict access to your wireless network to specific computers that you nominate. Every computer connected to your network uses a network adaptor, each one of which has a unique identifier called a MAC (Media Access Control) address. You will need to find the MAC address of each system and register it via software settings with the router and the central access point to the wireless network - usually a computer.
- Turn off remote access. Turn off any feature your wireless hardware may have that allows you to give administration access to someone off-site, e.g. an administrator who might be anywhere on the internet, such as the person who looks after your computers.
- Turn off the connection. Turn off your wireless connection when you are not using it.
Step 11: Be careful about online telephoning (VOIP)
If you use your computer and internet connection to talk to people instead of your telephone or mobile, make sure you do it safely.
Talking to people via your computer and broadband connection is called Voice Over Internet Protocol (VOIP).
There are several ways you can use VOIP. Either computer to computer using a headset or you can get an extra service where you buy a VOIP phone handset and use it like your normal phone.
Like all uses of the internet, there is a risk if you are not properly protected. There is also the possibility of a breach of your privacy if someone were able to intercept the conversation. Skilled hackers and computer criminals are capable of intercepting your conversation if the security precautions listed below are not followed.
How to be secure with your online telephoning (VOIP)
The security risks involved in using VOIP can be minimised by:
- making sure you have the latest version of anti-virus and anti-spyware software and a firewall on your computer, and making sure this software is activated and regularly updated
- using a strong password for your VOIP software to keep it private
- setting up your service to allow connections only from people you know and block everyone else to prevent strangers calling you out of the blue
- not putting any sensitive, private or confidential information on your public profile, and
- checking regularly with the VOIP providers website to see if there are any updates or patches.