Introduction

The unauthorised access dealt with here relates to people connecting to your systems or depositing something on your systems when you had not authorised it. Examples of this may be someone connecting to your unprotected system over the Internet, or you open a mail message that has an attachment that is infected with a computer virus or you place a disc in your PCs drive that has infected material on it.

There are other types of unauthorised access though which are dealt with separately. An example might be you have weak passwords on your system and someone guesses what the password is and gains access to your information. Worse they change the passwords on your system having gained access and they take complete control of your system and its data.

Three basic and necessary protections are dealt with here. Firstly the firewall to stop unwanted connections, secondly the anti virus software to help find infected files and prevent infected files being opened and finally spyware protection. Each plays a major role in giving protection in a different but important way.

Firewall

What is it?

A firewall is software that runs on your PC, on a server on your network or as a dedicated hardware device on your network. The function of the firewall (wherever it is positioned) is to control what data is allowed into and out of a computer system or network. Typically a broadband connection has some form of server on the user's side which runs a firewall and that protects all the other PCs, printers etc attached to that network. Sometimes this firewall capability is built into a router that is provided by your Internet Service Provider. Often each PC has a firewall of its own which when turned on protects just that PC. Wherever it is located it does the same job of preventing people connecting into your systems without you having given permission for them to do so.

How do you protect then?

Simply turning on your firewall will start to bring you needed protection. With it turned on you will be allowed to access services on the Internet without hindrance and you should be fully protected against anyone trying to connect into your system. In more sophisticated environments where you want to have people connecting into your system(s) them firewalls can take on more complex configurations. Often you would have to say what connections you want to allow in and what services you want those people to be able to connect to. There are few generalisations in this latter case and each business will have its own needs that should be catered for individually and be setup correctly.

Whatever your needs it is, with Microsoft Windows and other firewall products available, a matter of turning these on to gain some immediate benefit. It may be though that with some products you will see a slowing down of your systems after you have done this. This is especially the case where products that carry out firewall operations as well as anti virus are concerned. This is often solved by adding some more memory to the systems in question.

Our experience is that for straight forward needs e.g. web browsing, getting e-mails in and send e-mails via an Internet Service Provider then a Microsoft Windows user can rely upon XP with Service Pack 2 firewall (basic but it works) or the one in Vista. Where there are needs beyond that set out above then careful planning and product selection is needed. Users with Windows ME/98/95 should upgrade in any event as these products are no longer supported.

Once firewalls are in place it is sensible to test them each year to make sure unwelcome visitors cannot penetrate your protections. At its basic level this testing can be carried out remotely so it has little impact upon you. On a more thorough level this would include checking for security flaws in your operating system software. On the basis you respond to the results of such testing and you correct any problems this is a very worthwhile activity.

Testing of this nature is something we can do for you if you wish or we can recommend and help appoint other specialist companies that will undertake it for you as part of a wider security strategy exercise.

Anti virus Software

What is it?

A computer virus is described as a piece of software that can replicate itself and move from computer to computer having first caused some level of damage to a user's file or the operating environment.

Computer viruses can range from being a nuisance to  being a very serious threat. As time has gone by what seemed to start as a joke has developed into something that can disastrous consequences for unprotected systems. Today the point has been reached where some viruses are directed at particular targets that get attacked on a coordinated basis. Some viruses have been known to wipe hard disc units completely leaving users with nothing of their original system and putting some small businesses - well putting them out of business basically.

How do you protect then?

There are many anti virus software products available. They work on the basis that they can scan your hard disc and seek out any files that look to have been infected and warn you or quarantine them or delete them. Additionally these products can do the same on a real-time basis in that they check a file just before you read it to make sure its clean before it gets opened. An example might be that you use your word processor and click open on a selected document. Before it is opened the anti virus detection software looks at the file and either denies you access if it is infected or gives you access if it is clean.

The essential thing with anti virus software (apart from having it in the first place) is to make sure you keep its knowledge of viruses up to date. This is done online where the product will update itself making sure it is aware of all the latest viruses. It is possible not to have this done automatically which often means you can forget about it. The consequences of this are not good as the detection system becomes stale in its knowledge of new viruses, a new strain or virus variant gets onto the Internet and when it arrives on your PC your anti virus detector fails to recognise it. Game, set and match to the virus regrettably. The message here being make sure your product is updated on a daily basis.

While not wanting to endorse a particular product for anti virus detection an affordable product that has proven its worth is the Avira product. Free of charge for personal use and very cost effective for business use this product, when used in conjunction with a firewall and a spyware detector (see below), offers good all round protection as your first step to making your systems more secure. You will find details of the Avira product here should you wish to see them.

Spyware

What is it?

•  Software that secrets itself onto your PC that tracks, say, your web sites you visit with the intention of analysing your browsing habits and presenting adverts of particular types to you later on.
•  Software that secrets itself on your PC to spy on, for example, the keystrokes you make or access private information on your PC or change some part of your system configuration without your knowledge.

The first variant is not so much harmful as more an intrusion on your privacy albeit sometimes people are perfectly happy with this activity. Indeed people quite often willingly sign up to web sites where it is a condition that this tracking takes place. The second variety can be harmful. It collects, say, keystrokes so that your user and password details can be gleaned and potentially used by some third party against your interests. Freeware download products from web sites are highly popular with spyware authors to achieve unseen delivery of spyware onto your PC. Setting aside the dangers for a second, both varieties of spyware can cause PCs to run slowly. Often a clear out of these “wares” will make your PC that bit more responsive.

How do you protect then?

There are two actions needed here:

1.  It is vital that you only download software from sites that you trust. Spyware is often delivered to your PC without your knowledge through the download of some other product you have chosen. Company policy and Windows Local Security policy should be set to make sure ordinary users do not have administrative/power privileges thus reducing the risk of uncontrolled downloads.
2.  It is essential that you clean your PCs on a regular basis. There are detection systems available that will look at your system to find the common “wares” that may have been put on your PCs. These are low cost products, and sometimes free or by donation, that will help remove problem software that would otherwise go unseen. A daily cleanup on a scheduled basis works well.

• Whilst not wanting to endorse any particular product the Spybot Search and Destroy product is very good. It’s a free download and you can make a contribution to the author Patrick Kolla if you wish to see his good works continue. Its approved for Vista too! You can see the product web site here. Like other products this can be run each day to automatically clean out any spyware found thus reducing your risk.
• A further product that will help keep spyware away from your systems is Lavasoft Ad-Aware. Again whilst not wanting to endorse any particular product this one is known to be effective. Its free for personal use and cost effective for small business use. You will find the details here. Running this at least weekly will help keep tracking sites at bay and again enhance your privacy and security.