More and more people are conducting business over the internet – doing their banking, paying bills and ordering products. That's an awful lot of private information out in cyberspace, so how can you protect yourself from the hackers and the phishers* out there?

 

Make sure that:

 

· Your computer has an active firewall

· You have up-to-date antivirus software, and that your computer is scanned regularly for viruses and malware (at least once a week)

· You download and install operating system and application updates and security patches regularly

· You use a strong password, one that’s difficult to guess.

 

A firewall protects your computer system from hackers. It examines all traffic routed between you and the outside world, both incoming and outgoing, to see if it meets certain criteria.

Traffic moves through a network in packets, which are collections of data in particular sizes. Every packet contains information which helps it navigate the network and move to its destination. The packet can tell computers along the way, as well as the destination machine, where it came from, where it’s going, and what type of packet it is, among other things. Any packet that doesn’t meet the criteria set by the firewall will be automatically dropped.

 

Every computer connected to the internet faces the potential risk of a virus infection. An innocent-looking email may contain an attachment infected by a virus; or it could be a phishing attack in disguise. An email from a friend whose computer is infected by a worm* may then infect yours.  

 

The results can vary – from slowing your computer down, to seriously compromising the data on your system, breaching your privacy and / or destroying documents on your hard drive.

 

Make sure your system has antivirus software which is up-to-date with the latest virus definitions, and that your system is scanned for viruses at least once a week.

 

Remember, you need both a firewall and antivirus software, because they both do a different job. Antivirus software primarily protects against viruses, trojans and malware, whereas a firewall examines packets and is able to prevent packets that contain malicious code from getting through.

 

A patch is a fix to a ‘bug’ or vulnerability in a computer software program.  Why do we need patches? Because there are people out in cyberspace who deliberately look for flaws that makes particular software vulnerable to outside access. They then target those vulnerabilities for their own gain.

 

Some exploits allow hackers to run code and then take complete control of an infected system. Once they have gained access to the system, there’s a real possibility that they may be able to install programs, or view, change or delete data at will.

 

As new vulnerabilities are being discovered on a daily basis, it’s best to setup your computer system to automatically download patches as they become available.

 

Do you write your passwords down and then leave them where others can find them? Or do you create passwords that are so easy that your friends and colleagues have no trouble guessing them?

 

To protect your data, it’s important that you choose a ‘strong’ password. Commonly used words, or words from a standard dictionary, are generally considered ‘weak’ passwords – and so is your name, the name of your company, your date of birth, or the name of a child or a pet.

 

A password that is commonly used is the word ‘password’, itself. You should never use this word or variants, such as ‘passw0rd’ in any of your passwords as these are extremely simple to guess. 

 

A strong password is one contains a combination of upper and lower case alpha- numeric characters, plus numbers and special characters, such as &?@!, and so on.

 

Some tips for choosing a strong password are as follows:

Try using a passphrase or a nonsensical word:

A passphrase could be a lyric from a song or a favourite quote. An example of a strong passphrase is Superman is $uper str0ng!

 

A nonsensical word can be built using the first letter from each word in a phrase e.g. C$200wpG represents Collect $200 when passing Go.

 

These typically have additional benefits such as being longer and easier to remember.

 

Finally, change your passwords regularly – and if you have many passwords, then you may wish to consider changing them all at the same time – it’s actually easier that way!

 

Check out this website from Microsoft for other tips on creating strong passwords: http://www.microsoft.com/protect/yourself/password/create.mspx

*Phishing is an attempt to get you to reveal your passwords and bank account details, among others. By stealing that information, intruders can use your money to buy goods and services for themselves.

 

*Trojan: a malicious program that appears legitimate. It may gather information from your computer such as passwords, or allow your computer to be used for denial of service attacks.

*Worm: a malicious program that replicates itself from system to system, such as via an email program or network.