A long time ago I set up a home router/firewall for a friend of my wife. I set up an antivirus program and local firewalling. I have not heard anything about this in years.
Last night my wife passed on a message. The friend, now widowed, has moved in with relatives. She took her computer with her and successfully hooked it up to an existing home network for Internet access. Her question for me: “I brought all my stuff with me – do I have enough security?”
I had to stop and think for a moment to even recall what she had back then. I have absolutely no knowledge of what she has now. The Internet connection is pre-existing, so she probably did not connect up her router/firewall appliance. That leaves whatever antivirus she currently has and any local firewall settings, in addition to whatever security is already in place in the local router.
Thinking about this, I’d suspect that her current security is probably about the same as her former security – something I have not examined in years. I have no idea if her antivirus is current, or has been updated, or even if it was disabled or removed as inconvenient. So let’s think about what should be in place for “enough security”. Bear in mind that this is for a home user – put the principles are not that different. In most cases it’s just a matter of degree.
1.) Physical Security – Is the computer physically protected? In danger form flooded toilets or sinks, in a stable location that won’t cause it to fall if a pet gets too close, and not readily visible to passing thieves? Is the electrical power source protected by a surge suppressor, and is there an uninterruptible power supply (UPS)?
2.) Intrusion Prevention – Does she have a current antivirus program? Is she firewalled, at the Internet connection or her local computer or both? Does she have any kind of malware protection or cleaning tools? Are any hard drives encrypted, and does she need that? If the network connection includes Wireless, is the WiFi connection secured and encrypted? How well?
3.) Disaster Recovery – Is her data being backed up in some fashion, in case something does happen to her computer? Does she have recovery media for her operating system and her applications? Is there any kind of warranty support on her computer?
Every system and setup will be a little different, and the owner’s needs may vary a bit, but these are the questions I would keep in mind if I wanted to know if my system is secure enough.