What is a Fully-Secured Computer?

The only fully-secured computer is one that is turned off. It is impossible to guarantee total security, especially once a computer is connected to a network, including the Internet. The best for which an IT manager (or an individual user) may hope is that the installed antivirus, antispam, and firewall applications are stronger than the attacks the computer receives.

Listen to the podcast at Internet Archive.

On a positive note, the most common forms of successful attacks are those that begin with an infected attachment to an e-mail message. The second most common attack scenario involves a user’s visiting a Web site that installs malware.

Please, encourage safe computing in your organizations. Require users to delete e-mail attachments that they are not expecting to receive.

Do not use Microsoft Internet Explorer as a primary Web browser. Use Mozilla Firefox and learn to secure this alternative browser. A good first step is to install the NoScript add-on, which will prevent JavaScript code from executing without explicit user permission. Unless Java and JavaScript applications are controlled, the user has left his or her computer open to attack, when visiting a nefarious Web site.

We must also require our IT departments to keep our employee’s computers up to date with Microsoft’s security updates. Malformed graphic images can also be used to launch attacks against computers, as was recently witnessed on MySpace.

I again suggest that, regardless of your interest in information technology, that you learn to secure your most valuable digital resource, your personal computer, by following Steve Gibson’s SecurityNow! podcast. Start with episode one, and either listen to or read all episodes, they build upon one another.


Leave a Reply