The United States National Security Agency is always at the front lines of action, news, and debate when it comes to thwarting and prosecution cyber criminals, hackers, peer-to-peer pirates, and everyday illegal file sharers. This article takes a peek at the top security recommendations by the NSA for protecting home and small networks.
For Windows Users 1. Upgrade to Windows 7 or Vista, abandon and forget XP
The NSA advices using newer operating systems like the [b]64-bit versions of Windows Vista and Windows 7. The use of Windows XP is no longer encouraged. Windows 7 and Vista at 64bit versions are preferred as they have more built-in protection from the usual hacking programs and exploits.
2. Install an Antivirus and keep it updated.
An updated antivirus software and a regular habit of manually scanning the computer is key to security.
3. Limit the use of Administrator Privilege Accounts
As with computer configurations at work, it is best to use accounts that are only
User Privilege. This helps prevents the possible installation of malware and limits the spread of viruses.
4. Longer and more complex passwords
All passwords should be at least 10 characters long and be complex (include upper case, lower case, numbers, special characters). Use a simple phrase/word and add numbers and special characters. This further strengthens passwords from brute force attacks like Ophcrack and others.
5. Use Sandboxing capable Web Browsers and PDF Readers.
Sandboxing capability contains the browser and any possible malware attack while the user browses the internet. This prevents any web based virus or malware from directly attacking Windows or any of the user’s files and private information.
6. Upgrade to MS Office 2007 and newer.
MS Office 2007 up to the newest 2010 version follows a standard XML format for containing the document. This format ensures that the document is compatible with other office products. Offce 2010 suite also provides “Protected View” mode which opens documents in read-only mode thereby potentially minimizing the impact of a malicious file.
7. Use file or full disk encryption
Windows 7 and Vista support for Bitlocker Full Disk Encryption (FDE) natively within the OS. Encryption helps prevent data disclosure in the event that your laptop is lost or stolen. The encrypted files cannot be viewed, the thief will not be able to view or edit your saved files.
For Apple Users 1. Keep Mac OS X and third party Software updated.
Remember to regularly plug other devices such as iPod, iPhone, and iPad.
2. Limit the use of Administrator Privilege Accounts.
As with computer configurations at work, it is best to use accounts that are only
User Privilege. This helps prevents the possible installation of malware and limits the spread of viruses.
3. Enable Data Protection on the iPad
The data protection feature on the iPad enhances hardware encryption by protecting the hardware encryption keys with a pass code. The encrypted files cannot be viewed, the thief will not be able to view or edit your saved files.
4. Implement FileVault on Mac OS Laptops
In the event that a Mac laptop is lost or stolen FileVault (available in Mac OS X, v10.3 and later) can be used to encrypt the contents of a user’s home directory to prevent data loss.
Network Recommendations 1. Use WPA2 on Wireless Networks.
WPA2 is the recommended standard for wifi security. The old WEP security protocol is discouraged. WEP security is now easily cracked in a matter of seconds, furthermore, the hacking of WEP wifi is exploited to obtain copies of the transferred data. WPA2 is the best security for home and small business users.
2. Implement Alternative DNS Providers
The Domain Name Servers (DNS) provided by the ISP typically don’t provide enhanced security services such as the blocking and blacklisting of dangerous and infected web sites. Consider using either open source or commercial DNS providers to enhance web browsing security.
Safe Internet Behavior and Sharing of Personal Information 1. Traveling and Free Wireless Networks
Many establishments (e.g., coffee shops, hotels airports, etc.) offer wireless hotspots or kiosks for customers to access the Internet. Since the underlying infrastructure is unknown and security is often lax, these hotspots and kiosks are susceptible to adversarial activity. If you are in doubt, minimize the use of email and social websites on this network.
2. Use of Social Networking Sites
Social networking sites are an incredibly convenient and efficient means for sharing personal information with family and friends. This convenience also brings some level of risk; therefore, social network users should be cognizant of what personal data is shared and who has access to this data.
Users should think twice about posting information such as address, phone number, place of employment, and other personal information that can be used to target or harass you. If available, consider limiting access to posted personal data to “friends only” and attempt to verify any new sharing requests either by phone or in person.