Do you have anti-virus software on your computer?
If you do, congratulations. You have taken the first step toward real computer security.
However, many people think installing anti-virus software is the only step they need to protect their computer and the data stored on it.
Or they may know they need to do more about computer security, but don't know how.
Keeping your computer secure can be a daunting task, but it isn't rocket science. We asked security professionals for their best and simplest tips to make computers as secure as possible.
Anti-virus software is the front line of computer security. But the experts also recommend that you update your anti-virus software and virus definitions when prompted.
Better yet, adjust the settings so that they update automatically — good anti-virus software will update definitions more than once a day.
While no anti-virus software will catch everything, updated software will catch more than software that isn’t updated.
The biggest problem undermining password security isn't that passwords are too short or too simple.
It's that many people use a single password over and over again, with the result that one website's data breach will jeopardize accounts on many sites.
"One easy option is to make all your online-retailer logins and passwords different from your financial logins, and those different from your email password," said Andrea Eldridge, chief executive officer and co-founder of Nerds On Call in Redding, Calif.
"Remembering three passwords based on a category is easier than remembering a constantly changing single password."
Home Wi-Fi networks can easily be found by scanners on laptops, smartphones and stand-alone devices. Most people have learned to secure them with password-based encryption, but there are still a lot of holdouts.
"With the proliferation of wireless in homes and business, securing these connections is an important step in keeping very bad things from happening," said J. Wiltz Cutrer Jr., owner and chief technology officer of TechKnolutions, a technology consultancy in Brandon, Miss.
"While manufacturers have made it simpler [to turn on encryption], the unfortunate fact is neighborhoods remain filled with vulnerable wireless networks."
In fact, you may want to take the next step and set your Wi-Fi router to not broadcast its network name, or SSID. That way, people driving down the street scanning for open networks can't see yours at all.
How can you be sure your online banking site is really what it claims to be, or that you're really logged into Gmail? There are certain signs.
"These can include the padlock icon in the browser address bar, use of the 'https' protocol, which means that the site is encrypted, and a green bar indicating that the owner of the site has gone through extended validation by a Certificate Authority like DigiCert to prove the organization's identity," said Scott Rea, senior public-key-infrastructure architect and vice president of government/education relations at Lindon, Utah-based DigiCert.
The Java software engine, which Oracle acquired when it bought Sun Microsystems a few years ago, lets the same applications run on Windows, Mac and Linux machines, which makes it ideal for Web-based apps.
Unfortunately, that means one security flaw will affect all machines, and there have been a lot of flaws found in Java lately.
"There are a number of attacks targeting Java in the browser," said Raphael Mudge, founder of the Washington, D.C., security-testing company Strategic Cyber LLC.
"The latest Java updates tighten Java's security by fixing security holes and making it so you have to click an applet for it to run in the background," Mudge said. "In the past, a Java security hole meant an attacker could silently execute their malware without you knowing about it."
Despite that improvement, running Java in your Web browser is a huge, and largely unnecessary, security risk. Here's how to disable it.
Microsoft is very diligent in providing solid, well-explained security patches on the second Tuesday of every month. For the most-critical flaws, the company will push out an "out-of-band" update.
But the company can't help you unless you're on the ball as well. Go into Control Panel, open Windows Update and make sure it's set to install updates automatically.
"This will make sure you always have the latest fixes for Windows installed," Mudge said, adding that "you should enable automatic updates for other programs, too."
Most modern operating systems and home network gateway routers come with optional firewalls built in. Turn them on. In Windows 7, for example, the firewall can be found in Control Panel.
Scott Greene, chief executive offer and senior technology examiner with Evidence Solutions, a digital-forensics company in Tucson, Ariz., says you can also find good, free third-party firewall software that automatically configures itself for software already installed.
A good firewall helps to prevent others from getting connected to your machine, whether you're in a coffee shop, home or office, and will notify you if someone is trying to connect, Greene said.
Things that arrive unexpectedly on your browser screen or in your email inbox are often malicious and may download malware onto your computer.
Your up-to-date anti-virus software should catch most malware before it does any damage, but it's better to use common sense to avoid the risk altogether.