1. Upgrade Your Operating System: Make it 64-bit
Many companies use the “if not broken, do not fix” philosophy to justify the continued use of Windows XP. But when it comes to security, XP is broken, and the fact that you can still get updates – provided you have Service Pack 3 – does not really fix this long-lived OS from a security perspective.
Remember that XP has now become more than a decade – it celebrated its tenth anniversary on August 24, 2011 – so the transition to Windows 7 has been delayed. (When upgrading to Windows 7, make sure you choose 64-bit instead of 32- Because the previous version is more difficult for the bad guys to concede.)
Click Here : Networking Tips
2. Minimize the Use of Administrator Accounts
By default (not to mention necessity), the first account you set up on a Windows PC has administrator rights, even if the account is not necessarily called Administrator. Unfortunately, people often use this default account for everyday computing activities, making them particularly vulnerable to the countless threats one always faces while surfing the web and accessing email. (Malware depends on administrator access, after all.)
The remedy: Create a standard user account to use your computer on business days, and save the administrator account when it is already needed – for things like installing hardware or software or making system-wide configuration changes. Remember that while you’re signed in with a standard account, you can right-click any program icon and choose the “Run as administrator” option if needed.
3. Use Full Disk Encryption (FDE) on Laptops
Laptops are easily lost or stolen, and when this happens, standard password protection may not be sufficient to prevent any specific thief from accessing your sensitive data. Full Disk Encryption (FDE), on the other hand, gives you an extra layer of protection by locking not only specific files or folders but also the entire computer contents, including the operating system.
Windows 7 provides full disk encryption included as part of its BitLocker feature, although it is only available in Enterprise and Ultimate editions. (You can upgrade a lower version of Windows 7 to Ultimate through Windows Anytime Upgrade.) Otherwise, there are a number of third-party full-disk encryption products, including Getico’s BestCrypt and Open Source Open TrueCrypt.
4. Ditch Office 2003
Microsoft Office is one of the basic elements of a small business, but if you are still using Office 2003 (and many offices), beware of it, because Office 2003 documents use a binary file format that can execute potentially harmful code when opened. On the other hand, the XML file formats used by the latest versions of Office 2007 and 2010 greatly reduce this problem. Office 2010 includes a “protected view” that opens potentially dangerous files – such as e-mail attachments and downloaded files Internet – in read-only mode.
5. Keep Your Programs Up-to-Date
Be sure to update your third-party software when you are prompted to do so, and if your software does not remind you, make sure you have updates from time to time. It’s true that these updates often include new features you may care about or do not care about, but they often provide important security fixes behind the scenes as well. For help, check out Secunia Personal Software Inspector (PSI), which scans the programs installed on your Windows system and lets you know which one needs security updates (as well as download links).
6. Use Your Own Router/Wireless Access Point
These days, many ISPs provide cable / DSL modems with an embedded router, an Ethernet adapter, and a Wi-Fi access point. These devices may be convenient, but they can leave the security of your network in the hands of your ISP instead of your device. (Many ISPs limit your ability to update firmware, view, or change configuration options on their devices.)
Instead of running your network on a device that you do not own or control entirely, provide your wireless router / access point and disable these on your ISP.
7. Use WPA2
You may already know that securing a Wi-Fi network with WEP encryption is barely better than it is. But even the superior WPA is largely vulnerable to intrusion, especially when using short and / or dictionary-based passphrases.
To maximize the security on your wireless network, WPA2 adheres to AES encryption, which is much stronger than the TKIP method commonly used by WPA. Be aware of two warnings, though: First, some Wi-Fi devices that are not connected to your computer may not support WPA2 (this firmware updates may be addressed). WPA2 also consumes more computing power than WPA, so it can reduce wireless network speed when used with older access points and / or computers.
8. Use an Alternate DNS Provider
Any small business networks rely on Internet service providers for DNS, which allows you to access websites and other Internet resources with familiar names of obscure IP addresses and numbers only. Switching to a third-party DNS service such as OpenDNS tends to provide faster browsing performance, and enhances security by preventing access to sites that may be infected by malicious software. (Note: GFI Software recently stopped its ClearCloud DNS service, and Google’s public DNS service currently does not provide any malware.)
9. Disable Remote Administration
Almost all routers have a remote administration feature that lets you sign in to view or modify your network settings from the Internet. To reduce the risk of unauthorized access to your network by an unauthorized third party, you must disable remote administration so that administrative tasks can only be performed from within the network.
10. Use Strong Passwords
I’ve heard this before, but do you? All network devices, from routers to NAS drives to printers, etc. must be configured with strong passwords. This means at least eight characters, with mixed characters, letters, numbers and / or symbols, and no proper dictionary names or words.
For More :Computer Tips