|
'''Defensive Computing''' is a form of practice for computer users to help reduce the risk of computing problems, by avoiding dangerous computing practices. The primary goal of this method of computing is to be able to anticipate and prepare for potentially problematic situations prior to their occurrence, despite any adverse conditions of a computer system or any mistakes made by other users. This can be achieved through adherence to a variety of general guidelines, as well as the practice of specific computing techniques.
Strategies for defensive computing could be divided into two categories, [[network security]] and the [[backup]] and [[restoration]] of data.
Defensive computing is about taking steps when things are running well, to avoid or minimize problems down the road. In short, it's about being smart and planning ahead. <ref name="one">[http://att.com.com/8301-13554_3-9740197-33.html http://att.com.com/8301-13554_3-9740197-33.html], Introducing the defensive computing blog </ref> Strategies for defensive computing could be divided into two categories: [[Network security]] being the first one, and [[backup]], recovery procedures and file protection as the second.
== Network Security ==
=== Anti-Malware software ===
A basic strategy for all defensive computer users is to install and use anti-[[malware]] software.
Firewalls may not completely protect a computer. Malicious software may be able to get through a firewall and onto a system. Anti-Malware such as anti-virus, anti-phishing and email filtering software offer some protection against harmful software that reside within a computer. The amount of malicious software available over the Internet is steadily increasing. <ref name="four">[http://www.washingtonpost.com/wp-dyn/content/article/2008/03/19/AR2008031901439.html http://www.washingtonpost.com/wp-dyn/content/article/2008/03/19/AR2008031901439.html], Antivirus Firms ScramblinbScrambling to Keep Up</ref> It is important for defensive users to use to anti-malware that is both effective and easily updated in order to combat new strains of malicious software that are developed.<ref name="two">[http://news.cnet.com/8301-13554_3-9923976-33.html http://news.cnet.com/8301-13554_3-9923976-33.html], The Pillars of Defensive Computing</ref>
=== Skepticism ===
An important aspect of defensive computing is for users to be skeptical of the data to which they have access via the Internet.<ref name="five">[http://www.melbpc.org.au/pcupdate/2206/2206article6.htm http://www.melbpc.org.au/pcupdate/2206/2206article6.htm], How To Protect Yourself From Virus Infection</ref> Malicious software can exist in a multitude of different forms and many are misleading to general computer users and even some anti-malware software. Defensive users think critically about the information they can access, to reduce their chances of downloading and spreading malicious software. Strategies include scanning [[email attachments]] prior to opening them and manually filtering suspicious emails from inboxes. Users should be aware of persuasive subject lines and headings in emails from any address, as they may actually contain malicious software or spam, which can mislead users into false advertisement resulting in identity theft.<ref name="two">[http://news.cnet.com/8301-13554_3-9923976-33.html http://news.cnet.com/8301-13554_3-9923976-33.html], The Pillars of Defensive Computing</ref>
Defensive users can scan files they download prior to opening them and can also configure their computers to show [[file extensions]], revealing potentially dangerous files that appear harmless[7]. Skepticism can also be applied to the websites visited by users. As with emails, users can be lead to false advertisements. Also, malicious software can unknowingly be downloaded and infect a computer, just by visiting a certain website.
=== Emails ===
Users should be extremely careful when opening email attachments. It is a very good habit to only open attachments after scanning them first with an up-to-date antivirus program. When the user receives an image file, he/she shouldn’t double-click on the attachment. The image viewing application should be opened first and then the image should be opened from within the viewing program. <ref name="eight">[http://www.melbpc.org.au/pcupdate/2206/2206article6.htm http://www.melbpc.org.au/pcupdate/2206/2206article6.htm], How To Protect Yourself From Virus Infection </ref>
Also one should beware of persuasive messages with headings that are out of the ordinary, or invitations that promise rewards or excitement. Most of them could be spam, misleading the user into false advertisement that could reach his/her private information.
The important lesson is to always be skeptical about e-mail messages, and to not judge them based on the sender’s address. It is very easy to forge the sender’s address in an e-mail message. <ref name="three">[http://news.cnet.com/8301-13554_3-9763538-33.html http://news.cnet.com/8301-13554_3-9763538-33.html], A new e-mail scam </ref>
Check [http://michaelhorowitz.com/bademails.html this link] for examples of unsafe emails.
=== Downloading ===
Users should be careful when [[downloading]] and opening files. Once again it is a very good idea to scan them with an up-to-date [[antivirus]] program before opening them. Users should configure their computers to always show [[file extensions]], in this way not letting dangerous files (EXE, VBS, BAT) appear as harmless (JPG, TXT, DOC). <ref name="two" />
=== Instant Messaging ===
On the Internet, a person’s identity is completely concealed. This anonymity comes into play even when users are [[instant messaging]] with somebody they know. All the responses from a friend’s computer may not actually be coming from the user’s friend. Some may be inserted by [[malicious software]] running on that person’s computer. <ref name="four">[http://news.cnet.com/8301-13554_3-10047186-33.html http://news.cnet.com/8301-13554_3-10047186-33.html], Defending instant messaging </ref>
If a [[computer virus|virus]] infects a user’s friend’s computer’s instant messaging program, then it can insert anything into the chat windows and it will look like the message is coming from the user’s friend. Furthermore, it can provide a link for the user to click on that may lead to malicious software. <ref name="five">[http://www.eset.com/threat-center/blog/?p=148 http://www.eset.com/threat-center/blog/?p=148], It Doesn’t Hurt to Ask </ref>
== Backup and Recovery Procedures ==
| 