7 PC Security – Virus Protection Tips from the NSA

PC Security - Virus ProtectionPC Security – Virus Protection and Privacy is a huge issue. An article I read recently outlined some security tips and recommendations by the NSA for its Department of Defense and intelligence customers. Seven basic measures stood out that both consumers and small businesses can easily implement to protect themselves from hackers and cybercriminals.

Some of these are very well known standard procedures that I have recommended to my customers, or went ahead and set them up as part of my regular maintenance service. A couple were new to me. Read on and make your computer safer.

Enable Automatic Software Updates.

Not the coolest security technique, but you have to start with the basics. Nothing is more basic than making sure that your system is up-to-date, so it’s no surprise that the NSA recommends enabling automatic updates in Windows. Most updates install PC Security – Virus Protection and Privacy improvements, so you really must get these. You should also update core programs like Java, Adobe Reader and Flash Player.

Doing so is easy. First, go to “System and Security” from the Windows Control Panel. Click “Turn automatic update on and off”, and select Install updates automatically.

Encrypt Your Hard Drive

You can use BitLocker encryption, which is built into the Enterprise and Ultimate versions of Windows 7, as well as the Pro and Enterprise versions of Windows 8. When enabled, BitLocker encrypts all of the data kept on a storage volume, and it continues working in the background to protect the contents of a Windows PC from unauthorized access. If you run Windows 7 Home Premium, or standard Windows 8, you can install 3rd party encryption software, such as PGP from Symantec (the Norton people) or Data Locker.

Put Tape Over Your Webcam

You may have seen people in the coffee shop with tape over their laptop webcams and thought they were a bit paranoid. I often chuckle when I see this but it’s actually becoming a valid issue these days. Sure, they’re great for video chats, but they’re also tools for hackers to spy on users. You’d never never know you were being watched either. Even though the webcam indicator light is supposed to switch on when the camera activates, hackers have found ways to disable the light in some laptop models.

According to the NSA, a simple, low-tech solution is to tape over your webcam—with black tape, naturally. If you’re worried that the sticky residue might damage the webcam, use tape to secure a small piece of paper over the lens.

Disable the Built-in Microphone

Just like your webcam, your microphone can give hackers access to your private world as well. Your laptop’s microphone is typically enabled by default, so it can fall prey to remote hijacking and allow snoops to eavesdrop on your conversations.

To turn it off, launch the Sound applet from the Control Panel. Click the Recording tab, select your laptop’s built-in microphone, and disable it.

Disable Unnecessary Network Services

While you can’t lock out hackers completely, you don’t have to make their job any easier. Start by disabling network-related services that you don’t use, as attackers and snoops could exploit them to access your files and devices. Such services will likely include IPv6, Bluetooth wireless, or even Wi-Fi. If you’re primarily using deskbound laptops connected via an ethernet cable, turn off WiFi. If you don’t share files and printers with other PC’s, disable “File and Printer Sharing”. This is recommended by Microsoft as well.

Harden Your Account Settings

Take the time to tweak your Windows account settings to improve your PC Security – Virus Protection and Privacy. Few security measures offer so much protection for so little effort. The first step is to disable (or delete) any guest accounts that are present. Also ensure that a password is set for each account. Many people don’t use a password because they’re the only ones who use the computer. They forget that hackers are also snooping over the web or in coffee shop networks. Logging off when you’re not using your PC, or putting it to sleep will prevent such attacks if you use a password.

If you use sleep mode, adjust your PC’s settings to require a password on waking up.

Also enable a screensaver and set it to start within a reasonably short inactivity time (5 to 10 minutes). To do so, right-click the desktop, select “Personalize” from the menu, and click Screen Saver. Make sure to select the “On resume, display logon screen” checkbox. Of course, you will need to have a password set up first for this step to work.

Don’t Read eMail or Surf the Web on an Admin Account

This one is kind of a pain, but web surfing on a user account with administrative rights is like walking through a bad neighborhood with your ATM PIN written on your forehead. This technique will limit the damage if a virus attack or malware exploit hits you, because your PC will not yield as many permissions to a virus program. It may even prevent the virus or spyware from running at all.

Given the huge number of attacks launched via email messages, it’s a good idea to read new email messages only on a Standard (non-administrator) account. This practice won’t protect you from phishing attempts that try to trick you into giving up your password or other private information, so be sure to stay on your guard for fake emails.

To set up a Standard account, just go to the “Control Panel” and set up a new account, selecting a “Standard” versus “Administrator” account type. You can use this account most of the time. If you want to install new software or make other changes to your system, Windows will prompt you to enter your Administrator password so you can do this one task. It then goes back to Standard account mode.

I hope this helps you understand more about security and virus attacks. I know some of these techniques may be more involved than what you’re willing to do, but at least do some of these. Of course, 100% privacy and security is impossible, but you can at least try to increase your safety a little.

Confused? We Can Help!

If you’d like help with implementing some of these PC Security – Virus Protection and Privacy techniques, call our Tucson Computer Service and we’ll get you set up with a safer PC.

Steve Frantzis
Owner, Saguaro PC Tech, LLC

About Steve Frantzis

Steve Frantzis is the Owner of Saguaro PC Tech, LLC, a computer repair shop in Tucson. If you have any questions or need help with your laptop, desktop, Mac, or mobile device, please call Us at (520) 250-5948.