Some Basic Windows Security Tips

     

  1. Never use the default user account created during the Windows install process for anything but system maintenance and program installs. The reason is that this account also has administrator privileges, which makes it the most common vector for trojan infections. You do not have to log in to the Administrator account to be assigned administrative privileges by the system. Instead, create a "Limited" account and use that for all your web browsing and day-to-day tasks. You will be happy you did!

    To create a limited account, go to Start -> Control Panel -> User Accounts -> Create New Account, enter a name for the account, then click Next. In the next window you will see that Computer administrator is selected by default under "Pick an account type." Select the Limited radio button instead and click Create Account. Don't forget to assign a password to the new account. :-)

  2. Disable AutoRun by following the instructions here: http://www.nist.org/news.php?extend.264 Having AutoRun enabled is a common trojan (re)infection vector, as most trojans now infect any drives that are attached to the system, including USB jump drives, etc.

  3. Install AntiVirus (Caltech members can get Symantec AntiVirus for free, a good deal if you are a student, faculty or staff member).

    I used to recommend Windows OneCare for just about anyone; I really liked it. However, Microsoft has discontinued the OneCare app, though it will still be available for use as an online scanner. In its place Microsoft plans to offer a package called Microsoft Security Essentials (MSE) for free. I plan on testing it once it is out of beta. In lieu of that, try the latest Norton AntiVirus; I used to despise Norton, but it seems they have made real progress over the past couple of years.

    The Microsoft OneCare online scanning site.

  4. Keep your system patched. This is hugely important and mostly overlooked by beginners: be sure to apply all security-related OS updates from Microsoft. Use the High Priority Updates button on the Microsoft web site.

  5. Use the Microsoft Windows Live OneCare online safety scanner once a month. This online app scans your system, cleans the registry and helps keep your computer running great.

  6. Back up your system regularly. You can use the Backup utility included with Windows XP, which is free and works well. However, I use and personally recommend Norton Ghost, which provides additional capabilities, including the ability to easily upgrade to larger hard drives (you know you'll need the space for iTunes). Simply purchase Ghost, follow the easy-to-use instructions and back up to an external USB2 or networked hard drive once a week. I can guarantee that one day you will be so happy you did.
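
A read-only check of the limited-account and AutoRun tips above, added here as an example and not part of the original tips. It assumes AutoRun was disabled through the NoDriveTypeAutoRun policy value (the linked instructions may use a different method); the function names are made up for this sketch.

```powershell
# Added example (not from the original page): audit the AutoRun and account tips.
# Assumption: AutoRun is controlled by the NoDriveTypeAutoRun policy value.

# In NoDriveTypeAutoRun, a set bit disables AutoRun for that drive type.
$DriveTypeBits = [ordered]@{
    'Unknown type'                = 0x01
    'Removable (USB jump drives)' = 0x04
    'Fixed disk'                  = 0x08
    'Network'                     = 0x10
    'CD-ROM'                      = 0x20
    'RAM disk'                    = 0x40
}

function Get-AutoRunExposure {
    param([int]$Mask)
    # Return the drive types for which AutoRun is still enabled under this mask.
    $DriveTypeBits.GetEnumerator() |
        Where-Object { ($Mask -band $_.Value) -eq 0 } |
        ForEach-Object { $_.Key }
}

function Get-AutoRunPolicy {
    # The machine-wide value (HKLM) is checked first; it overrides the per-user one.
    $sub = 'SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer'
    foreach ($hive in 'HKLM:', 'HKCU:') {
        $p = Get-ItemProperty -Path "$hive\$sub" -Name NoDriveTypeAutoRun -ErrorAction SilentlyContinue
        if ($null -ne $p) {
            return [pscustomobject]@{ Hive = $hive; Mask = [int]$p.NoDriveTypeAutoRun }
        }
    }
    return $null
}

function Test-IsAdministrator {
    # True when the current session's token carries administrator rights.
    # Under UAC, an unelevated session of an administrator account reports False.
    $id = [Security.Principal.WindowsIdentity]::GetCurrent()
    $principal = New-Object Security.Principal.WindowsPrincipal($id)
    $principal.IsInRole([Security.Principal.WindowsBuiltInRole]::Administrator)
}

$policy = Get-AutoRunPolicy
if ($null -eq $policy) {
    'AutoRun: NoDriveTypeAutoRun is not set; the OS default applies.'
} else {
    $open = @(Get-AutoRunExposure -Mask $policy.Mask)
    'AutoRun: mask 0x{0:X2} read from {1}' -f $policy.Mask, $policy.Hive
    if ($open.Count) { "  still enabled for: $($open -join ', ')" } else { '  disabled for every drive type' }
}
if (Test-IsAdministrator) { 'Account: this session has administrator rights.' } else { 'Account: this session runs without administrator rights.' }
```

A mask of 0xFF disables AutoRun for every drive type; any mask that leaves the removable bit clear still lets USB drives auto-run.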