This post is an update to the post I published in April last year where I answered the question I often get asked by family and friends ‘What security should I use on my Windows PC?’.
There are many security packages around and you could some up with many different answers depending on your research but after a number of years this is what I use to protect against different threats. Most of the software is available as free versions with a bit more functionality with the paid version.
If you are a student writing coursework – backup software is the number one piece of security software everyone should have. Last year the new threat of CryptoLocker that makes all files unreadable (encrypts) and asks for a ransom adds to the risk that all data could be irretrievably lost. Cloud-based backup software and storage space is available for free – there is no excuse not to install it!
Some software I would not recommend unless you are computer literate and you understand how to respond to the alerts so I have split the software up into different levels depending on how computer literate you might be. The software listed here is for personal use and not corporate use as the software may not be appropriate for many different reasons including licensing or centralised management.
1. Don’t Lose Your Data – Free
I keep on hearing ‘I have lost my USB key’ or ‘My laptop disk has been corrupted’ with work irretrievably lost… but there is no need for this to happen. There are lots of free cloud storage options available that automatically create a backup copy of your data onto the Internet.
In 2013 the CryptoLocker malware was released that makes all files unreadable (encrypts) and asks for a ransom to recover the data. It is now being distributed in many different formats including within emails and on USB keys. In some cases the ransom has been paid and the data recovered but it does not always work.
I use Dropbox as it has versions of software for Android and iPhones with 2GB of free space. On my Android phone I can view and edit most documents and for essential documents I create PDF copies that can always be viewed. If you have an HTC or Samsung phone you gets lots of additional free Dropbox space.
It also keeps versions for the 30 days so that even if a document becomes corrupted/encrypted you can recover a previous version using the web interface. This would be protect files in the event of CryptoLocker malware being installed on a PC.
Dropbox has lots of other great features including automatic backup of photos on your phone and folders that can be shared with other friends. It also has the ability to create shared folders and I find it a great way to share files with members of my family. There is no need to email large files or to lose any of your data again.
If you run out of space, there is always Google Drive with 15GB free or Windows SkyDrive with 7GB free space to store files you use less often. There is a comparison of different cloud storage services here.
2. Anti-Virus Packages – Free/Paid
I install an anti-virus package including firewall. There are many good packages around with plenty of reviews but I have tended to stick with Norton Internet Security over the years as the three pack version is good value and tends to be rated in the top three over many years. Norton operates in the background without any intervention and extra protection can be downloaded to protect younger children from accessing undesirable web sites.
If you have signed up for broadband many suppliers provide a free copy of McAfee AV which is a reasonable package.
Many other people are happy with the free AVAST or AVG Anti-Virus protection which are cut-down versions of the commercial packages and then use the built-in Windows firewall. I cannot recommend the free Microsoft Security Essentials as studies have shown the protection is not the best.
3. Web Site Search and Reputation Notification – Free/Paid
Norton Internet Security comes with a browser bar for Firefox that provides a secure search and marks whether links in Google searches are OK to click. Symantec has not rated every web site and it does not rate every link on a page including those on Facebook.
So I also install the free version of McAfee SiteAdvisor which gives a nice big green button on the bottom right of Firefox and rates every link on a Facebook page. SiteAdvisor also comes as a commercial version with more features.
4. Protecting Passwords – Free
This year my strategy has show itself to be valid where I know someone who had their Twitter account hacked (probably from a key logger on a public computer) that was then used for spam. A few months later their Facebook account had spurious posts as the passwords were re-used with Twitter.
For years I have been using KeePass to store all my passwords as it is available on many different platforms and can be shared with an iPhone and Android phone using Dropbox. Make sure you use a long and strong password that cannot be easily discovered.
A lot of people use LastPass but I have stayed away from using as I thought they might have a security breach – which they did in 2011. Given the attention to security they now have I would consider them an option if I did not have so many passwords in KeePass.
The Next Level
5. Blocking Malicious Sites – Free/Paid
For a number of years I have also used Spybot S&D as it has feature to ‘immunise’ a PC to block malicious web sites and a scanner that looks for other malicious content not included in Norton Anti-Virus. There is a free version that can be run manually which is why it is a good idea to have it installed.
6. Protecting Your Key Strokes – Free/Paid
The next is protection against programs that might log your key strokes and record passwords. There are many trojan horse programs on the internet that will record passwords for banking sites or use captured information to steal your identity. With the Twitter account I know that has been hacked this has been shown to be a useful addition – unfortunately the public computer was not using such protection.
I use Zemana AntiLogger to detect whether a program is trying to record key strokes. It recognises legitimate programs such as TeamViewer that record key strokes to share screens.
There is a basic free version that can be installed and it can be setup to operate silently on PCs used by users that are not so computer literate. If you want to purchase the paid version – search for discount codes to get up to 40% off the price.
7. Stop Tracking – Free
Many web sites track you and build up a picture of where you go on the Internet. This can be used for customising adverts and other content presented back to you. Research has shown that through your actions other more personal traits can be derived. If you want to block this tracking then install Ghostery in your web browser. You can select what sites you want to track you.
8. Protecting Confidential Data – Free/Paid
Laptops and USB drives can be so easily to be lost or stolen with a resulting risk to confidential data. Your PC may contain personal information about yourself and if you have personal data about others you have a legal requirement to protect the data.
If you have to use a USB key to transfer data then purchase one that encrypts the data automatically. Many of the hardware encrypting USB keys are expensive but one that I have used for a reasonable price is from Integral that can be used without Administrator privileges.
If you want to encrypt a single file or a folder that can be emailed with a password then use free software such as 7-Zip.
9. Full Disk Encryption – Free
If you want to encrypt a large amount of data or encrypt the whole disk on a PC (and you do not have BitLocker on Windows) then you can do this for free with TrueCrypt. Just make sure you backup all your data (perhaps to Dropbox) before you encrypt the drive.
Many threats come from scripts being run in browsers and you can control what is being run by the Firefox with the plug-in NoScript. It turns off scripts by default and you have to be selective what you turn back on.