DIY Online Security - Welcome!
This website is aimed at the home computer user or a small / medium business user who is not a computer or security expert. The goal of the website is to provide clear, simple instructions on how to dramatically reduce the risk of becoming a victim and suffering (data and/or financial) losses as a result of on-line fraud, identity theft, malware, spyware, viruses, trojans, spam, phishing attacks, data loss, computer hardware failure, etc.
To protect yourself on-line you need to do the following:
- Ensure you have a secure computer system, including latest patches, firewalls, anti-virus, trojan / spyware detection and removal software. If necessary, you may have to sanitize your computer first.
- Follow good security practices, including strategies for safe on-line banking and on-line shopping, protecting your identity, protecting your privacy, keeping your data confidential, reducing the amount of spam you get, protecting your children, etc.
- Regularly maintain your computer system, including patches, virus signatures, and tests to check your security is still working.
- Back up your data.
By improving your security you are also reducing the risk of your computer system being used by malicious hackers to attack other users on the Internet, and in particular you will be reducing the likelihood of your system being used to distribute spam and phishing attacks to other innocent users.
How much cost and effort is it to secure my system?
Costs vary, but as a general rule home users (home personal use only) can achieve good security for less than about £55 GBP (less than about $100 USD), since a lot of the software licences are free for personal home use (but check the licence carefully before use to make sure it is free). Small business users will have to pay more, since there are few security products which are free for business use.
The amount of effort varies a lot from system to system, but we have found for a home user and small office user the following guides are reasonably accurate:
To read the contents of this site and to set up the basic security on your system can take up to a few hours, depending on your situation. However, that time spent will pay for itself many times over in the future when there is a virus / malware / phishing outbreak on the Internet. After you have a good, solid, baseline system, there are some daily tasks, like backing up your data, which should only take a few minutes. Then there are tasks such as maintaining your system, for example keeping up to date and applying new patches, which average out to about 1 hour a month spread over the month. But you need to apply your patches in a timely manner and not wait until the end of the month. (Note: for Microsoft Windows users, Microsoft generally publishes patches on the first Tuesday of the month, so shortly after that, depending on your timezone, you will need to update your system.)
This site is still developing and we intend to add content periodically. So please visit us regularly. This main page will show abstracts of the latest content added with links to those pages shown below.
How to navigate this site
Most of this site is written in a way fairly independent of operating system and the suggestions should apply equally well to a single computer or several networked together running Microsoft Windows XP, Mac OS or Linux. There are some specific pages for the most popular operating systems, e.g. Windows and Mac OS.
Note: If you are using older operating systems such as Windows 95, Windows 98, Windows ME, Windows NT4, Mac OS 9 and earlier, then please read these notes about the security of these systems. In general the manufacturers are withdrawing support for these operating systems and will not be providing security updates – see their website for exact details. Thus from a security point of view it is very bad to use an operating system which is not supported by the manufacturer.
This site is divided into several chapters as shown in the navigation bar along the top of the page. Once you have selected a chapter, a menu will appear on the left-hand side for that chapter. You can read each chapter like a book by following the "next page" links at the bottom of every page. This is probably the quickest way to get a flavour of all the issues we cover. We intend to cover only the main issues initially and plan to keep it fresh and current.
What now? - Simple Action Plan
- Read the information on this site and some of the external references we provide.
- Decide the level of security you want to achieve - the more security you want, the more effort and possibly costs you will have to deploy. But as a minimum you should completely follow the instructions in the Chapter "Basic Computer Security" section titled "Minimum Security".
- Make a note to revisit this site and check your system security on a monthly basis. (This assumes you will enable the automatic features described in "Minimum Security".)
- Remember maintaining good security is a journey, not a destination. You must be vigilant all the time and think about your actions on line.
- After the initial effort of setting up your system, the amount of work involved in maintaining good security is relatively small and pain free.
Caution
Note: before making any configuration changes (or installing any software) PLEASE please please back up any data, documents, files, etc. that would cause you grief if you lost them. On all computer systems there is always a small risk of loss of data, files, etc. when you add / remove programs, change configurations, etc.
You use the information provided on this site at your own risk. However, what we suggest should be fairly safe on most standard configurations of systems. You should remember to back up regularly anyway!! If you are unsure of anything please get professional help. This site is intended as a primer to reduce the risk of you falling victim to an attack. However, the risk can never be completely eliminated. Security is such a broad subject that it is impossible to cover all aspects of it in such a primer. By learning about security and implementing the measures suggested on this site you can dramatically reduce the risk of your computer and/or your sensitive data being compromised.
Please read the full terms of use of this site here.
Child Safety Online
A security professional made a very succinct observation about how parents and their children understand the risks whilst they are online. It goes as follows: “Children and teenagers are fearless whilst their parents are clueless.”
Children have taken to the internet like ducks to water and have very few worries about their online activities, whereas most parents are not technical enough to have a true understanding of their children's online activity and, furthermore, may not understand the legal ramifications of those activities.
Most children and teenagers need to use the internet to do their homework, communicate with their friends, possibly shop online, keep up with the latest trends etc.
Microsoft Vista
If you are a Microsoft Windows user, Microsoft has released its new operating system called Vista.
This new system is so new that several manufacturers of hardware and software, especially security software such as software firewalls and anti-virus, have not yet released versions of their products that will run on or with the Microsoft Vista operating system. For these reasons we would recommend that you wait before buying a new computer system with Microsoft Vista to allow the manufacturers to catch up. Furthermore, from a security point of view it is better to allow all the issues and quirks to become clear as people get used to a new operating system.
How do you think about & Analyse (Analyze) Risks?
Everyone has a different perception of the word “risks” and how to analyse them in a business context.
Some people prefer to list all the risks that a business can face, give a probability for the likelihood of that risk occurring and then for each likelihood multiply it by its impact, and finally add them all up to give a risk score.
Another way of thinking about risk is to consider the “Annualised Loss Expectancy” (ALE), i.e. what monetary loss can be expected on average to assets over a year. Thus the Annualized Loss Expectancy = sum of each loss expectancy multiplied by its annualized rate of occurrence. ALE is a good technique for dealing with risks which occur reasonably frequently, but is misleading for big one-off events.
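As an added illustration (not part of the original site), the Python below computes ALE for two constructed risks that have the same ALE and, going beyond the text, assumes occurrences follow a Poisson process to show why the figure misleads for a rare, large event. The risk names and amounts are made up for the example.

```python
import math
from dataclasses import dataclass


@dataclass(frozen=True)
class Risk:
    name: str
    sle: float  # loss expectancy of a single occurrence (e.g. in GBP)
    aro: float  # annualised rate of occurrence: expected events per year

    @property
    def ale(self) -> float:
        """Annualised loss expectancy for this one risk."""
        return self.sle * self.aro

    def p_no_loss_year(self) -> float:
        # Assumption (not from the page): events arrive as a Poisson process,
        # so the chance of a year with zero occurrences is exp(-aro).
        return math.exp(-self.aro)

    def spread_ratio(self) -> float:
        # Under the same assumption the yearly loss has standard deviation
        # sle * sqrt(aro); dividing by ALE gives 1 / sqrt(aro).
        return (self.sle * math.sqrt(self.aro)) / self.ale


def total_ale(risks) -> float:
    """ALE as described in the text: sum of (loss expectancy x yearly rate)."""
    return sum(r.ale for r in risks)


# Constructed sample figures: both risks have an ALE of 600.
RISKS = [
    Risk("malware clean-up", sle=50.0, aro=12.0),             # about monthly
    Risk("total data loss, no backup", sle=60000.0, aro=0.01),  # once a century
]


def report(risks):
    lines = [
        f"{r.name}: ALE={r.ale:.0f}  P(year with no loss)={r.p_no_loss_year():.4f}"
        f"  spread/ALE={r.spread_ratio():.2f}"
        for r in risks
    ]
    lines.append(f"total ALE={total_ale(risks):.0f}")
    return lines


if __name__ == "__main__":
    print("\n".join(report(RISKS)))
```

For the frequent risk the yearly loss stays close to its ALE, while for the rare one about 99 years in 100 cost nothing and the remaining year costs 100 times the ALE.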
Wireless Security
Introduction
Wireless, or WiFi, computer network connectivity in the home and business setting can be very useful in that you don't have to run cables from the router / modem to the computer – especially if you use a portable computer you are free to carry around with you.
Furthermore, if you are away from the home or office you can access the Internet via numerous access points offered by coffee shops, hotels, airports, conferences, railway stations, and many other places.
However, due to a number of security issues surrounding the use of the wireless technology, this can cause you serious security problems. Also most wireless products, i.e. routers, network cards, access points, modems, etc, typically come with all the wireless security disabled so that it will “work out of the box”. You must make sure you enable the wireless security.
Computer Disposal
Most of us do not think of how we are going to dispose of our computer equipment when we upgrade to a shiny new computer. However, from a security and risk point of view, especially privacy and identity theft, it is vital you consider what you do with your old computer equipment.
Your computer hard disk will contain huge amounts of personal and confidential information, e.g.:
- Private Letters
- Emails
- Online banking details
- Business information
- Your web surfing habits
- etc
Some of this information you may think you have deleted, but in fact all you have done is removed the pointer to it. Other information will have accumulated as a side effect of you using your computer, e.g. the browser's cache, URL history, etc.
Install Anti-virus & Spyware detection & Removal Software
The detection software works by looking for specific patterns or “signatures” in files and other places in the operating system which malware leaves when your machine is infected or compromised.
This strategy leads to a race between the malware producers and good anti-virus / spyware detection software companies, i.e. the detection software needs to get the latest signatures as quickly as possible to stop an outbreak before it spreads.
To propagate and install themselves, viruses, spyware and other malware depend upon flaws and weaknesses in your system and/or rely on you to click to allow them to load themselves onto your system. Thus you can do a lot to stop your system becoming infected by patching your system (to remove flaws in the operating system) and by observing good computer practices, i.e. not visiting dubious sites and not clicking on and opening file attachments in emails. For example, a number of pornographic sites will try to download rogue diallers, which reprogram the way you access the Internet so that you access it through a premium rate service which will be many, many times more expensive than your normal access method (i.e. dial up). You will not notice this problem until your next telephone bill.
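The signature matching and the update race described above, as an added Python example that is not taken from this site or from any real anti-virus product: it scans content chunk by chunk for byte patterns and reports which file last month's signature set lets through but today's catches. The signature names, patterns and sample files are constructed and harmless.

```python
import io
from dataclasses import dataclass


@dataclass(frozen=True)
class Signature:
    name: str
    pattern: bytes


# Constructed, harmless marker strings standing in for real signatures.
SIGS_LAST_MONTH = [Signature("Example.Dialler.A", b"DIAL-PREMIUM-A")]
SIGS_TODAY = SIGS_LAST_MONTH + [Signature("Example.Dialler.B", b"DIAL-PREMIUM-B")]

# Constructed sample files: name -> content.
FILES = {
    "holiday.jpg": b"\xff\xd8\xff\xe0 picture data",
    "old_variant.exe": b"MZ....DIAL-PREMIUM-A....",
    "new_variant.exe": b"MZ....DIAL-PREMIUM-B....",
}


def scan_stream(stream, signatures, chunk_size=4096):
    """Return sorted names of signatures found, reading the stream in chunks."""
    if not signatures:
        return []
    # Keep the last (longest pattern - 1) bytes so a signature that straddles
    # two chunks is still seen whole in the next window.
    overlap = max(len(s.pattern) for s in signatures) - 1
    found, tail = set(), b""
    while chunk := stream.read(chunk_size):
        window = tail + chunk
        found.update(s.name for s in signatures if s.pattern in window)
        tail = window[-overlap:] if overlap else b""
    return sorted(found)


def scan_files(files, signatures, chunk_size=4096):
    """Return {filename: [signature names]} for files with at least one match."""
    results = {}
    for name, content in files.items():
        hits = scan_stream(io.BytesIO(content), signatures, chunk_size)
        if hits:
            results[name] = hits
    return results


def missed_by_stale(files, stale, current, chunk_size=4096):
    """Files the current signature set flags but the stale set lets through."""
    stale_hits = set(scan_files(files, stale, chunk_size))
    return sorted(set(scan_files(files, current, chunk_size)) - stale_hits)


if __name__ == "__main__":
    print(scan_files(FILES, SIGS_LAST_MONTH))
    print(missed_by_stale(FILES, SIGS_LAST_MONTH, SIGS_TODAY))
```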
Safe Online Shopping
As mentioned before there are some great bargains to be had on the Internet – but you need to exercise caution when shopping on-line.
This article is going to discuss how you can protect yourself whilst shopping online.
There are several ways you can buy goods on the Internet. For example, you could visit a very big online shop such as Amazon.co.uk or Amazon.com or various airlines. You could visit an auction site such as eBay, or you could buy from thousands of smaller retailers. Finally, you may see an advertisement in some classified listing and decide to buy from that individual.
Protecting Your Identity & Privacy
Protecting your identity and privacy is very important. You will be amazed how much information potentially can be obtained about you from various sources. Criminals will want to use your identity to commit fraud, theft, etc. At the other end of the spectrum it is now very common for employers to use the Internet to double check various social networking, blogging, friendship, dating sites.
Most people do not value their privacy or identity until something nasty happens – but by then it is too late. It may take years to repair your credit rating at a credit reference agency if your identity is used to commit fraud. So you must plan a strategy now for managing your identity and privacy on-line and in the real world. A lot of people delude themselves that their persona on-line is somehow isolated from their real world existence. Search engines are very powerful tools for digging up information about people.
