Can We Really Achieve Security Nowadays?

Well, many claim that this can be done, yet I believe that we cannot reach the 100% target unless we unplug our devices from the network and lock them, probably in a highly secure room in a guarded facility.

Computer security nowadays can be hard to achieve. It can cost organizations a lot of money, and its basics are mostly underestimated and rarely applied correctly, for reasons such as technical inadequacy or lack of knowledge. Even after a lot of research and development in this area, we are still facing problems.
Attackers are becoming smarter and their attacks more complicated, relying on system vulnerabilities and user weaknesses to hack and infect systems. It is our responsibility to make their task harder by minimizing the weaknesses and, with them, the threat to our systems.

Start with 5 Important Steps

Here are 5 important steps as a start toward a better security level on your personal computer (not necessarily in the following order).

Step 1: Remove Unnecessary Software, Plugins, etc…

Most computers, brand new or used for years, include unnecessary applications, software, plugins, etc. that are rarely, sometimes never, used, and we don't know why they are there. Besides slowing down the machine and consuming disk space, they might pose a great security threat by introducing unneeded vulnerabilities to our system. So as a first step, review the installed applications and plugins, which were possibly installed by the PC manufacturer out of the box, and uninstall the ones that you don't need and never use. As I quoted Gilmore in my previous post, you need to install what YOU want, not what the providers want.

Step 2: Keep Your System Up-To-Date

Now that's a very important step to keep in mind, and I am not talking only about operating system updates; every other piece of software counts in this case. Scheduling and regularly checking for updates for your OS and software is a crucial step toward security, because updates patch the bugs and security vulnerabilities that bad guys, providers and system administrators are in a continuous race to exploit, patch and block. Most probably this process is, and should be, automated: most operating systems have scheduled, automatic update checks, and several tools are available that can check your system, including installed applications, for updates and security vulnerabilities. A recommended one is included with Kaspersky security products; I personally use the Internet Security 2013 vulnerability scanner.

Step 3: Get a Good Anti-Attack Suite

An Anti-Attack Suite? Yes, and by that I mean a personal firewall and the anti-family (antivirus, antispyware, etc.). You can get them separately or, as I recommend, as a product bundling them all together in one suite for better management. Such tools act as additional security layers on your system, protecting against malicious code such as viruses, worms, Trojan horses, etc. and against suspicious behavior, and warning you of any unsafe action you perform or attempt. As in Step 2, updates for these applications and their definitions should be among your top priorities (scheduled and automatic) to keep your system protected from the latest discovered malware. My personal favorite in this case is, as I mentioned previously, Kaspersky Internet Security 2013, which includes most of these defenses all together.

Step 4: Set Up Complex yet Simple-to-Remember Passwords

One of the main problems with password-based security, and a possible source of vulnerabilities to the system, is psychological. Many users have a hard time memorizing passwords, especially long and complex ones, and tend to forget them. This might result in writing their credentials somewhere accessible to outsiders, or in choosing passwords that are easy to remember and easy to crack. An interesting way to overcome this problem and create an easy-to-remember yet complex password is to combine several unrelated words that have a meaning to you. A customized version of the words, possibly using English letters to represent words from other languages, such as Arabic in my case, could increase the complexity; an example is Kelmet-Sirr-2awiyeh, which means "a powerful password" in English. In addition, password managers are a good idea; here is a list of the Five Best Password Managers compiled by Jason Fitzpatrick. My personal favorite is KeePass.
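
As an added illustration of the word-combination approach above (not code from the original post), this Python sketch draws words at random and reports how much entropy the result carries. Apart from the three words quoted from the post, the word list is constructed for the example, and the function names are hypothetical.

```python
import math
import secrets

# Constructed sample list: the first three words are the ones quoted in the
# post, the rest are filler. A real list should hold thousands of words.
SAMPLE_WORDS = [
    "Kelmet", "Sirr", "2awiyeh", "river", "candle", "orbit", "marble", "thunder",
    "velvet", "harbor", "pepper", "lantern", "meadow", "anchor", "copper", "willow",
]


def entropy_bits(list_size: int, word_count: int) -> float:
    """Entropy in bits when every word is drawn uniformly at random.

    This only holds for random draws; words picked by hand are more
    predictable than the figure returned here.
    """
    if list_size < 2 or word_count < 1:
        raise ValueError("need at least 2 candidate words and 1 pick")
    return word_count * math.log2(list_size)


def words_needed(list_size: int, target_bits: float) -> int:
    """Smallest number of random words whose entropy reaches target_bits."""
    if list_size < 2:
        raise ValueError("need at least 2 candidate words")
    return math.ceil(target_bits / math.log2(list_size))


def make_passphrase(words, word_count: int, sep: str = "-"):
    """Return (passphrase, entropy_bits) using the OS CSPRNG via `secrets`."""
    unique = sorted(set(words))  # duplicates would bias the draw
    bits = entropy_bits(len(unique), word_count)  # validates the inputs first
    picks = [secrets.choice(unique) for _ in range(word_count)]
    return sep.join(picks), bits


if __name__ == "__main__":
    phrase, bits = make_passphrase(SAMPLE_WORDS, 4)
    print(f"{phrase}  ({bits:.0f} bits from a {len(SAMPLE_WORDS)}-word list)")
    # How many words different list sizes need for a 64-bit target.
    for size in (16, 2048, 7776):
        print(f"list of {size}: {words_needed(size, 64)} words for 64 bits")
```

The 16-word sample list gives only 4 bits per word, which is why the size of the pool the words come from matters as much as the number of words.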

Step 5: Set Up a Backup Plan

Backing up your data is always a necessary step; losing data due to power failure, corruption, or hacking is disastrous. Whether you prefer to back up to a local hard drive, to another computer or to cloud storage, you should do it. What I recommend is a combination. You can use automatic backup applications to help you in the process, and a good one is CrashPlan; Adam Pash detailed the process of setting up an Automated, Bulletproof File Back Up Solution using CrashPlan. In addition, I would recommend Dropbox as a cloud storage, versioning and backup service; it's an amazing tool with a lot of tricks, such as the simple page publishing trick.

Security is an ongoing process that has to be evaluated and evolved continuously, and in order to follow the right path toward it, commitment and awareness are needed.

What do you think of the above steps and what additional ones do you recommend?