Best Practices for Computer Safety

You have undoubtedly been exposed to repeated messages that you should take measures to protect your personal information and resources. Unauthorized people – hackers, crackers and intruders – want what you have: credit card and bank account numbers, personal information, email accounts, or even just your computer’s processing power and bandwidth. Intruders target home computers because they’re usually less secure and easier to access.

We have previously written about Truepoint’s approach to protecting your personal information in our June 2007 Viewpoint. We take security very seriously by employing a comprehensive security policy to prevent unauthorized access to your personal information. Since the time of our June 2007 post, we have enhanced security further and continually evaluate additional opportunities to do so.

As you may be aware, to comply with regulations being passed in several states regarding the protection of personal information online, our secure client website will increase password complexity requirements to make your password more difficult to crack. You should expect to see changes to the security policies of other websites you visit regularly.

Secure Yourself

Resign yourself to the fact that you will not be able to absolutely guarantee that others cannot access your personal information on your home computer; the perfectly-protected computer system does not exist, nor does the perfectly-secure mailbox for that matter. Your goal should be to make it challenging and time-consuming to access your personal information. Intruders usually will avoid attempting to break into a home computer where several basic security measures have been implemented. What can you do to protect yourself?

Treat Password Security Seriously

• Use complex passwords – no less than 8 characters, including upper- and lowercase letters, numbers and special characters.
• Create unique passwords for your various logins. Consider using a program like KeePass to help you manage all your passwords with a master password.
• Do not write your passwords down, or at least avoid keeping your password list where it could be easily found by others.
• Do not use obvious passwords such as your name, address, birthday or even dictionary words.
• Change your password regularly.

Use An Anti-Virus Program

• Install an anti-virus program on all of your computers (Norton, McAfee, Avira or AVG, for example). Note that some free anti-virus programs can be just as effective as paid applications, while others are actually trojans.
• Ensure that your anti-virus program regularly updates its virus definitions.
• Schedule regular, complete virus scans of your computer.

Employ Firewalls

• A firewall is designed to block unauthorized access while allowing authorized communications.
• Firewalls can be software-based (Norton, McAfee or ZoneAlarm, for example) or hardware-based (wireless routers typically have firewalls).
• Configuring firewalls may be challenging to those with less technology experience. Software firewalls generally attempt to make configuration as painless as possible through a wizard set-up process.

Keep Your System Updated

• New vulnerabilities with operating systems, browsers and other programs are discovered regularly and can be easily exploited if you do not regularly update your system and applications.
• In Windows, make sure you have Automatic Updates turned on and that you install updates when available.
• On Apple computers, install updates when you are notified.

Maintain Healthy Skepticism with Email

• Do not get phished – Never provide any sensitive personal information to anyone via email. The IRS, your bank, your credit card company, etc will not ask you to verify information in an email.
• Avoid the unknown – If you do not know the sender, avoid opening the message; delete it permanently.
• Watch where you link – be careful about what links you click; they may lead to a website that tries to exploit your computer.
• Detach from opening attachments – if you are not expecting an attachment from a specific sender, do not even open the attachment as it may carry a malicious file.

Additional Thoughts

• Configure wireless security on your router correctly; consult with a computer expert if you lack the experience.
• Run anti-spyware programs. The latest and greatest of these programs are constantly changing; spending a few minutes reading about these programs should lead you to a good choice.
• Before replacing your computer, delete sensitive personal information from the hard drive. Recognize that even deleted information could be restored, even after a low-level format. Some experts suggest drilling multiple holes through the drive or smashing it numerous times with a sledgehammer. Save this task for the next time you’ve had a stressful day!
• Do not neglect security on mobile devices like your laptop or smart phone. At the very least, use password security and consider encrypting any sensitive information stored on these devices.

This Viewpoint discusses a number of steps you can take to help reduce the risk of sensitive information getting into the wrong hands. The steps you should implement will depend on the specifics of your situation. We cannot endorse any of the programs mentioned above as they are presented only to serve as examples.

To learn more about how you can protect yourself, visit the following sites:

www.us-cert.gov

www.staysafeonline.org

If you would like to learn more about Truepoint’s commitment to privacy and information security, please contact your advisor.