Attention: The forums will be placed on read only mode this Saturday (Oct. 20, 2018)

During this outage (6:30 AM to 8 PM PDT) the forums will be placed on read only mode. We apologize for this inconvenience. Click here to read details

Computer Help forum

General discussion

"lo-priced, good/tight security package??

by ATP-1 / August 30, 2007 1:28 PM PDT

Hello all.

I have been undertaking an overhaul of my systems, and I am now turning my attention to the matter of security.

What I am seeking is advice concerning the purchase of hardware and software (online & on-premise) that would enable me to put in place "good" to "tight" security.

I am hoping for something that is ?comprehensive?, eg. 'package', and at a budget suitable for an independent operator/SOHO enterprise. I hope that this is not too big a question.

Any and all suggestions welcome.

Thanks,

ATP-1

Discussion is locked
You are posting a reply to: "lo-priced, good/tight security package??
The posting of advertisements, profanity, or personal attacks is prohibited. Please refer to our CNET Forums policies for details. All submitted content is subject to our Terms of Use.
Track this discussion and email me when there are updates

If you're asking for technical help, please be sure to include all your system info, including operating system, model number, and any other specifics related to the problem. Also please exercise your best judgment when posting in the forums--revealing personal information such as your e-mail address, telephone number, and address is not recommended.

You are reporting the following post: "lo-priced, good/tight security package??
This post has been flagged and will be reviewed by our staff. Thank you for helping us maintain CNET's great community.
Sorry, there was a problem flagging this post. Please try again now or at a later time.
If you believe this post is offensive or violates the CNET Forums' Usage policies, you can report it below (this will not automatically remove the post). Once reported, our moderators will be notified and the post will be reviewed.
Collapse -
Few things
by Jackson Douglas / August 30, 2007 2:37 PM PDT

First thing is that "tight" security is meaningless. I get what you're trying to say, but you sound like a wanna-be rapper or something. You'll have a hard time getting a professionals to take you seriously talking like that.

Second thing, forget this idea of comprehensive suite programs/packages. From a security standpoint, those programs are more likely to be less secure. If they share common components, and there's an exploit found in that common bit of the programs, then all of them are vulnerable. It's more work, but having separate and distinct programs, each standing sentry on a different front, is a far better way to go.

Third thing, you need to understand that for numerous reasons beyond your control, if you use Microsoft operating systems and programs, you're pretty much always going to be left wanting on security. There are first and third party programs that can help fill some of this gap, but they will cost you dearly.

All of that out of the way, I'm working on the assumption that you're looking to improve the security for your own setup, not become some kind of IT security contractor -- if you're looking to go into security contracting, you are in about the worst place possible for that with Cnet. In such a case, there are a few simple things you can do that will improve your overall security in a big way.

First thing is not to use Windows if at all possible. Getting a Mac or running Linux will grant you automatic immunity to all Windows-centric viruses, exploits, etc. With programs like OpenOffice coming of age lately, even if I do so adore Office 2004 for the Mac, this is a lot more feasible than you might think. I routinely switch between Windows, Mac, and Linux systems, and have no real difficulty passing documents around. I doubt most people ever have any clue what operating system a given document was made with. This isn't always an option, but if it is for you, take it.

Assuming you're stuck with Windows for better or worse, there are some things you want to make sure of.

Probably the single most important thing you can do on any Windows system as far as security goes, is never use Internet Explorer. Reasons aside, it's probably the single biggest security hazard on a Windows system. The lone exception is to use it in downloading new security updates from Windows Update, which you should do once a month. Every other time from that, use either Mozilla Firefox, Seamonkey, Opera, or Safari. Doesn't matter which, just so long as it's not in any way based on IE. Also stay away from Firefox extensions like IE Tab.

It would also be quite behooving of you to not to use Outlook/Outlook Express. They're prone to email worms, make life easier for spammers, and use Internet Explorer to display messages with HTML content in them. There are dozens to hundreds of other email programs out there, and so long as they don't use Internet Explorer in any way, they're safer than Outlook/Outlook Express. I like Mozilla Thunderbird myself, having a number of tools to help combat spam, but I have taken to using Google's Gmail in recent years.

It might also be wise not to use MS Office if you can help it. OpenOffice is a good free alternative that will do the job for probably 99% of people. It can save to the MS Office 2000/XP/2003 format, and open files of just about any format. It does have it's limitations, but it's free, so it can't hurt to take it for a spin and see how well it works for you. It also helps insulate you from the growing trend in MS Office based exploits. There's also WordPerfect Office, which isn't free, but is quite reasonably priced compared to MS Office, and probably has better document compatibility with Office compared to OpenOffice.

You should also make sure to do the basics, like have a virus scanner. IMO, McAfee's VirusScan and Norton's Anti-Virus should be avoided. VirusScan because of it's atrocious impact on system performance, and Norton for quality control issues. I like AVG Free, which you can't use in any sort of commercial or non-profit environment, but the paid version is quite reasonably priced. There's also others like PC-Cillin, Panda somethingoranother, and Nod32 to name a couple. Just avoid any security "suite" type offerings any of them may offer.

You'll want a firewall. The XP/Vista firewall will probably be plenty. If you have broadband Internet, then I would suggest getting a router with a firewall in the firmware instead. Mostly just to offload the processing to the router's dedicated hardware instead of your system, but you can also cover multiple systems with a single configuration. I don't tend to like Zone Alarm and other third party software firewalls. I think they spend more time focused on things like the interface rather than the actual firewall end of things. They also phrase messages to make it sound like the Huns are attacking. I have to stop and wonder why it is they feel the need to try and deceive/mislead people like that. It makes me think that maybe there's something they're trying to hide about their program. Again, avoid any "suites" that may be offered with programs like Zone Alarm. Whatever you end up using, router or software firewall, make sure that you only allow things that are absolutely necessary through the firewall and block everything else.

Another good idea is to get some sort of disk imaging program such as Norton Ghost or Acronis True Image. Take a base image of your system once you get everything set up and configured to your liking. This way, if anything should ever happen, you can get back up and running quickly. Something that can be of vital importance in a small business setting.

Along with the disk imager, would be to invest in a good backup system. I'd suggest something like a tape drive or external hard drive. A CD/DVD burner is cheaper, but the media is far less reliable over the long term. Tape backup carts are small enough that they could be put into a safety deposit box with ease, making for a relatively cheap and highly secure off-site storage place for your data. External drives can be easily unplugged and taken with you at the end of the day, and moved from computer to computer should you need to use a backup system while your main one is fixed, or if you get a new computer. There are also Zip and Jaz drives, but IMO, they're rather expensive for the capacity they offer. You might also consider some online storage solutions offered. I wouldn't rely on them as your only backup means, but they can make for a very useful second tier backup system for you.

You can decide if you want to invest in one of those intrusion detection devices you see in stores. Personally, I think they're a waste of money for most people. You need to know what you're doing to really make use of those things, and most people who would pick up something like that at a big box retailer like Best Buy wouldn't know the first thing about using it.

Finally, avoid putting any unnecessary programs on the work computer(s). That means don't install things like iTunes or a DVD player onto the work system. Limit it to the programs you need for your work, and only the programs you need for your work. If you want to listen to music while you work, buy a stereo. The fewer programs you have on the computer, the less chance one of them will cause problems for you in any way. Also, if you're going to be using Vista, doing something as simple as playing an MP3 file can have a dramatic impact on your network throughput.

That should give you plenty to think about for some time to come. It should all be quite wallet/budget friendly in the end. A lot of it is just replacing one program with another (free or low cost) one. There are still areas left to improve, but if you follow these suggestions, you will be pretty well off compared to many.

If you have any other questions, want me to clarify something, etc, feel free to ask. Thought experiment type topics like this are a nice change from the usual Q&A.

Collapse -
re. Few things
by ATP-1 / August 31, 2007 12:43 AM PDT
In reply to: Few things

Sincerest thanks for your considered and lengthy reply. You have given me a lot to think about. I am very seriously reflecting on what you have suggested.

I would like to take up your offer for clarifications etc. when I am sure my understanding allows me to stand on 'terra firma'.

Thanks again,

ATP-1

Popular Forums

icon
Computer Newbies 10,686 discussions
icon
Computer Help 54,365 discussions
icon
Laptops 21,181 discussions
icon
Networking & Wireless 16,313 discussions
icon
Phones 17,137 discussions
icon
Security 31,287 discussions
icon
TVs & Home Theaters 22,101 discussions
icon
Windows 7 8,164 discussions
icon
Windows 10 2,657 discussions

FALL TV PREMIERES

Your favorite shows are back!

Don’t miss your dramas, sitcoms and reality shows. Find out when and where they’re airing!