A 123 to Securing PC’s

Posted on February 26, 2009 by Stuart

I’ve been working in computing for 25yrs now and to be honest, not much surprises me anymore. Oh sure, human culpability and stupidity are ones that never cease to amaze me – but in terms of computer security I’m 99.9% confident of keeping my personal machine clean and free from harm. In 25yrs I have only once been infected by a virus, rootkit, malware or other unwanted nasty and that was my deliberate fault. I can’t say the same for the machines I’ve used in my professional life though – most of the times I’ve had to put up with restrictions that are meant to be there for the common good, but ultimately cause us techies grief. 

Anyway, today I’m going to let you in on my secret.

 I have a three step setup.

 1. Install Anti-Virus and keep it up to date – currently I run Avast at home and Nod32 in our Church.

2. Install a firewall and keep it up to date – for this I use Online Armor.

3. Finally I install and use Sandboxie for all my surfing.

Actually, my regime is much more than that but with just these three steps you’ll go a long way to keeping your machine clean^**. Today I want to talk about sandboxie which is a superb application and along with my other two security steps can be used personally for free, but in most other circumstances needs to be registered for €22 – approx UK £20 or US $29 per license.

The best way to understand this little application is to go and see its homepage which has a little animated gif running. From my youth a sandbox was always considered a safe place for a child to play. In essence the application creates a computer sandbox and allows whatever application you run within it to be safe and contained within the sandbox. Effectively a virtual computer is setup and you surf, download, install to your hearts content – all of it remains safe within the sandbox and will never infect your PC. In contrast, all of your security software will continue to work and alert you as per usual if a sandboxed app tries to do something naughty. So if you, or one of your users is a frequenter of the shadier sides of the internet, or they have a habit of clicking on all and any links they get sent then let me suggest you sandbox them.

One of the beauties of this is that you can change the startup for any app to be run sandboxed or force any app to run sandboxed. You can even (as of the latest version – 3.34) carry over application run restrictions. There is of course so much more to sandboxie than my brief introduction and maybe I’ll return to it another day! 

All that said, I don’t want you to misunderstand me, as I am far from complacent about my computer security. But if all you did was use these three steps, then I feel pretty confident that your (or your users) machine will remain fairly free of nasties.

 ** other things you can do are:

            - respond intelligently to any popups
            - keep drivers and software patched
            - keep OS patched
            - never click on a URL within an eMail unless you are 100% certain where it is from
            - never open an attachment, even if you know who it’s from. Always double check if you weren’t expecting one.
            - run a regular malware scan
            - don’t underestimate a good backup

Do you use a sandbox / virtual PC application?

What are your must do changes to a users PC? 

What do you do with persistent offenders?

Popularity: 1% [?]

Digg This Post

Other posts by Stuart

» Tags: malware, sandboxie, spyware, viurus

Comments

Twitter links powered by Tweet This v1.6.1, a WordPress plugin for Twitter.