Jump to content

Defensive computing

From Wikipedia, the free encyclopedia
This is an old revision of this page, as edited by Superking300 (talk | contribs) at 02:04, 24 February 2009. The present address (URL) is a permanent link to this revision, which may differ significantly from the current revision.

Defensive Computing is a form of practice for computer users to help reduce the risk of computing problems, by avoiding dangerous computing practices. The primary goal of this method of computing is to be able to anticipate and prepare for potentially problematic situations prior to their occurrence, despite any adverse conditions of a computer system or any mistakes made by other users. This can be achieved through adherence to a variety of general guidelines, as well as the practice of specific computing techniques.


Defensive computing is about taking steps when things are running well, to avoid or minimize problems down the road. In short, it's about being smart and planning ahead. [1] Strategies for defensive computing could be divided into two categories: Network security being the first one, and backup, recovery procedures and file protection as the second.

Network Security

Users put their computers at risk when accessing the Internet and other networks. The use of either of these allows others to gain access to a user's system and important information. By implementing certain strategies, defensive users aim to reduce the risk associated with network access.

Firewall

A firewall is a collection of security measures that protects a computer from harmful inbound and outbound traffic on the Internet and prevents the unauthorized access of computer systems. [2] These security measures are integrated into the form of special software that runs autonomously either on individual computer systems, or externally through built in software within routers and [[]modems]].

Not all firewall software will protect computers from sending unauthorized or harmful outbound traffic. An important defensive computing strategy is to seek and implement quality firewall software that filters both inbound and outbound traffic. [3]

Anti-Malware software

A basic strategy for all defensive computer users is to install and use anti-malware software. Firewalls may not completely protect a computer. Malicious software may be able to get through a firewall and onto a system. Anti-Malware such as anti-virus, anti-phishing and email filtering software offer some protection against harmful software that reside within a computer. The amount of malicious software available over the Internet is steadily increasing. [4] It is important for defensive users to use to anti-malware that is both effective and easily updated in order to combat new strains of malicious software that are developed.[2]

Skepticism

An important aspect of defensive computing is for users to be skeptical of the data to which they have access via the Internet.[5] Malicious software can exist in a multitude of different forms and many are misleading to general computer users and even some anti-malware software. Defensive users think critically about the information they can access, to reduce their chances of downloading and spreading malicious software. Strategies include scanning email attachments prior to opening them and manually filtering suspicious emails from inboxes. Users should be aware of persuasive subject lines and headings in emails from any address, as they may actually contain malicious software or spam, which can mislead users into false advertisement resulting in identity theft.[2] Defensive users can scan files they download prior to opening them and can also configure their computers to show file extensions, revealing potentially dangerous files that appear harmless[7]. Skepticism can also be applied to the websites visited by users. As with emails, users can be lead to false advertisements. Also, malicious software can unknowingly be downloaded and infect a computer, just by visiting a certain website.

Emails

Users should be extremely careful when opening email attachments. It is a very good habit to only open attachments after scanning them first with an up-to-date antivirus program. When the user receives an image file, he/she shouldn’t double-click on the attachment. The image viewing application should be opened first and then the image should be opened from within the viewing program. [6]

Also one should beware of persuasive messages with headings that are out of the ordinary, or invitations that promise rewards or excitement. Most of them could be spam, misleading the user into false advertisement that could reach his/her private information.

The important lesson is to always be skeptical about e-mail messages, and to not judge them based on the sender’s address. It is very easy to forge the sender’s address in an e-mail message. [3]

Check this link for examples of unsafe emails.

Downloading

Users should be careful when downloading and opening files. Once again it is a very good idea to scan them with an up-to-date antivirus program before opening them. Users should configure their computers to always show file extensions, in this way not letting dangerous files (EXE, VBS, BAT) appear as harmless (JPG, TXT, DOC). [2]

Instant Messaging

On the Internet, a person’s identity is completely concealed. This anonymity comes into play even when users are instant messaging with somebody they know. All the responses from a friend’s computer may not actually be coming from the user’s friend. Some may be inserted by malicious software running on that person’s computer. [4]

If a virus infects a user’s friend’s computer’s instant messaging program, then it can insert anything into the chat windows and it will look like the message is coming from the user’s friend. Furthermore, it can provide a link for the user to click on that may lead to malicious software. [5]

Backup and Recovery Procedures

In order to prevent data loss, it is a good idea to always back up one’s files.

There are many ways users can unintentionally lose information on a computer. Some examples include a child playing the keyboard like a piano, a power surge, lightning, floods, and equipment failure. [7]

If a user regularly makes backup copies of their files and keeps them in a safe place, they can get some, if not all, of their information back in the event of something happening to the originals. [7]

Users should back up files containing personal information such as banking records. They should also backup music, photos, personal projects, calendars and contact lists.

At some point, the computer the user is using will eventually crash and the user will lose some files and data. Most of the times crashes are inevitable, but users can minimize the loss in different ways. Using System Restore is an option, but there are also other alternatives users can use.

If users have all of their personal information and files backed up, it will be very easy to restore their computers to the way they were before, which in turn would make the data loss minimal.

Good Practices for Protecting One's Data

  • Regularly backup important files, documents and emails.
  • Do not use the administrator account for day-to-day activities.
  • Keep software up-to-date with the latest versions.
  • Keep antivirus and antispyware up-to-date with latest versions.
  • Use different passwords
  • Disable auto run feature from USB flash drives. Some viruses, specially worms, spread automatically through USB flash drives [8]
  • Always connect to the Internet behind a firewall

References

  1. ^ http://att.com.com/8301-13554_3-9740197-33.html, Introducing the defensive computing blog
  2. ^ a b c d http://www.cs.unm.edu/~treport/tr/02-12/firewall.pdf,A History and Survey of Network Firewalls Cite error: The named reference "two" was defined multiple times with different content (see the help page).
  3. ^ a b http://news.cnet.com/8301-13554_3-9923976-33.html, The Pillars of Defensive Computing Cite error: The named reference "three" was defined multiple times with different content (see the help page).
  4. ^ a b http://www.washingtonpost.com/wp-dyn/content/article/2008/03/19/AR2008031901439.html, Antivirus Firms Scramblinb to Keep Up Cite error: The named reference "four" was defined multiple times with different content (see the help page).
  5. ^ a b http://www.melbpc.org.au/pcupdate/2206/2206article6.htm, How To Protect Yourself From Virus Infection Cite error: The named reference "five" was defined multiple times with different content (see the help page).
  6. ^ http://www.melbpc.org.au/pcupdate/2206/2206article6.htm, How To Protect Yourself From Virus Infection
  7. ^ a b http://www.microsoft.com/protect/yourself/data/what.mspx, How to decide what data to back up
  8. ^ http://news.cnet.com/8301-13554_3-10027754-33.html, Be safer than NASA: Disable autorun

See also

Stub icon

This computer science article is a stub. You can help Wikipedia by expanding it.

Retrieved from "https://en.wikipedia.org/w/index.php?title=Defensive_computing&oldid=272865592"