Tuesday, November 30th, is National Computer Security Day.  Although this special day has been around since 1988, many people are not only unaware of it, but are still also unaware of some of the basic security required for protecting their computing devices.

The rise of remote work has stretched the security perimeters of all corporations, and fortunately, there are products, such as Tripwire Enterprise that can help them to protect the organization, from the full computing systems, to data storage.  With features such as configuration management, compliance enforcement, as well as file integrity monitoring, Tripwire has a full range of products to protect an organization. 

Protecting your home computing environment is as important to you as protecting a corporate setting.  While some of the standard protections are obvious, such as having a good malware detection and prevention system, and a personal firewall, some others may not be as obvious.

Keep Your Backups Offline

One key piece of advice for corporations is to keep backups offline.   Since most ransomware will search all connected devices for files to encrypt, keeping the data separated will ensure that those backups are protected, ensuring easy restoration without having to pay the ransom.    Ransomware doesn’t discriminate.  While there are targeted attacks against large organizations in order to demand larger sums of money, attacks against individuals still occur. 

If you are using a cloud-based backup solution, disconnect from that backup, and activate it only when you need it.  If you are “old-school”, preferring to back up your files to an external storage unit, disconnect that device when you are not using it.  This simple step can protect you from being fully victimized if you suffer a ransomware attack.

Shut Down Unused Computers

Many people leave their computers running all the time.  This way, they are always ready to use it at an instant.  This made great sense back in the days of earlier generations of machines with slower processors and spinning disks.  Now, computers no longer take “forever” to boot up, so leaving it running all the time leaves it open to attack from open port vulnerabilities

In a corporate environment, port monitoring and management is made easier with a vulnerability management system, such as Tripwire’s IP360, however, in a home environment, managing open and vulnerable ports is not something the average person does.  The simple, solution is to shut off unused computers.  Another option is to adjust the power settings so that the computer goes into a low-power mode after a short period of idle time. 

Also, while there are conflicting ideologies about whether turning off an idle computer saves energy, money, and reduces wear on the components, one should consider their personal habits and thoughts on the subject, and decide accordingly.

Does Everyone Need to be a Local Admin?

In a corporate environment, computer permissions are tightly controlled, as the typical employee does not require full administrative rights to carry out the normal tasks of the workday.  This, along with a configuration management system also protects the environment against unplanned configuration changes.

This is also a good practice in a home environment.  Most of the time, all members of the family do not need to have full administrative rights on a computer in order to effectively use the system.  When an account is created, the creator is given the option to grant permissions to the account.  Accounts can also be adjusted after they are established on the system.

The best part about these tips for Computer Security Day is that they are all absolutely free!   We at Tripwire hope that you have a safe holiday season, and that your computing environment remains secure.