By now, you should be aware that security management is essential for everyone. Whether you are operating a home system, overseeing a small startup, or performing security governance for an enterprise, everyone can benefit from paying more attention to security. Without going into great detail, here are the basics of personal technology security:
I assume that you have already addressed these concerns and want to know the next steps in the pursuit of a more secure computing system. To that end, I'm sharing a list of 10 security tools or security tests that everyone should know how to use. These are products and services that will help you confirm that your security is robust, check out suspicious issues, and keep ahead of new risks and threats.
Note: Most of the tools I recommend are Windows only. If you know of Mac or Linux solutions that offer similar functionality please send me a message. Also, most of the items I list are free. Some have paid versions you might consider if you discover the free version is indispensable.
Once a system has been updated, configured, and otherwise "secured," the next step is to test and evaluate the established security. There is a wide range of security scanners and vulnerability assessment tools available. One of the best is Tenable's Nessus. For personal use, Nessus Home is free to use to scan up to 16 systems. Nessus Home offers a thorough security scanner, which assesses configurations, patches, malware, mobile devices, and more. The commercial version of Nessus is suitable for scanning enterprise networks. The Nessus Home product is just as robust, but not overly complex. The scan reports from Nessus are amazingly detailed. By following up on each issue discovered by Nessus Home, you are sure to improve your overall security stance.
To check out Nessus Home for yourself, visit: http://www.tenable.com/products/nessus-home
Everyone encounters suspicious files from time to time. Files from unknown sources could be infected by malware. There are a number of online virus scanning services, of which VirusTotal is one of the best. To quote their own description: "VirusTotal, a subsidiary of Google, is a free online service that analyzes files and URLs enabling the identification of viruses, worms, trojans and other kinds of malicious content detected by antivirus engines and website scanners."
VirusTotal maintains over 50 malware and spyware scanners which you can use to check out files. You can either upload a file from your local system or provide a URL to a questionable file. In either case, VirusTotal will perform a real-time scan of the suspect file and provide you with the results. You can use this free online service to keep your infection risk low. Since only a single real-time scanner can be run on your own local machine, having 50+ malware scanners available for use is an invaluable asset. The range of different detection engines, scanning features, and custom definition databases amongst the wide range of anti-malware products can be brought to bear without having to maintain dozens of separate systems yourself.
If you have a file that you think might be infected, toss it up to https://www.virustotal.com/.
Keeping current with patches and updates across all software on a computer can be quite challenging. Your operating system typically will automatically download and install new updates and a few of your applications likely do this as well. But not every installed application is able to auto-update. Those that do often run an additional background service that periodically checks for updates, but having dozens of these background services eats up system performance. I recommend replacing the one-off updater services with one solution that will keep all products current across your entire computer. That tool is Flexera PSI.
Flexera PSI (Personal Software Inspector) regularly scans your system for applications, then checks those applications against their available versions. If a new or updated version is available, Flexera PSI can automatically download and install the update or just notify you of its availability.
Note: Flexera acquired Secunia, the original vendor of this product. You may still see the Secunia name in some of the dialog boxes.
To give Flexera PSI a try, visit: https://www.flexera.com/enterprise/products/software-vulnerability-management/personal-software-inspector/
Another note: Flexera PSI does not automatically replace the per-app background checkers. You will need to manually uninstall or disable those. For that, see the next section about Autoruns.
If you want a way to keep track of hardware drivers, consider Driver Booster at http://www.iobit.com/driver-booster.php. This tool can detect outdated drivers and assist in downloading and installing the latest versions.
The process task list on a typical computer includes dozens of applications and services. Many of these are not essential to your normal activities or the software products they are associated with. Background updaters, speed boosters, preloaders, etc. all get installed when you install or update applications, then these little "helpers" launch at each system reboot. These unnecessary components slow boot time and consume system resources, often making your computer operate far below optimum performance levels. The solution is to remove or disable the offending items. The tool I recommend for this is Autoruns.
Autoruns is a tool offered by Microsoft. It was created and is maintained by Mark Russinovich and Bryce Cogswell (formerly of Sysinternals, before being acquired). Autoruns scans your system for all of the things that get launched at bootup or login. You are presented with an organized list of items. You can select to disable any item or to completely remove an item. I recommend disabling items first, then test that the element isn't actually needed. In most cases, leaving items disabled is sufficient. If you determine that an item needs to be completely removed from your system, then you can opt to delete it. However, the deletion only removes the Registry elements that cause the auto-launching; it does not remove or uninstall the item from the system overall.
To start using Autoruns, visit http://technet.microsoft.com/en-us/sysinternals/. Grab the Sysinternals Suite, which includes Autoruns plus many other excellent free utilities. Or grab just Autoruns from https://docs.microsoft.com/en-us/sysinternals/downloads/autoruns.
Keep in mind that blindly disabling items on your system can result in system failures or applications failing to operate properly. So, take the time to research every element before you elect to disable it. You can gain some greater understanding of what is on your system and what is suspicious with any of the tools in the next section.
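To see the kind of entries Autoruns works with before changing anything, a few well-known autostart locations can be listed from PowerShell. The script below is an added example, not part of the original article or of Autoruns itself; it is read-only, covers only the Run/RunOnce registry keys and the Startup folders, and the helper name Get-ExecutablePath is a hypothetical one introduced here.

```powershell
# Added example: read-only inventory of Run/RunOnce keys and Startup folders (a subset of Autoruns).
$runKeys = @(
    'HKLM:\Software\Microsoft\Windows\CurrentVersion\Run',
    'HKLM:\Software\Microsoft\Windows\CurrentVersion\RunOnce',
    'HKLM:\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run',
    'HKCU:\Software\Microsoft\Windows\CurrentVersion\Run',
    'HKCU:\Software\Microsoft\Windows\CurrentVersion\RunOnce'
)

function Get-ExecutablePath {
    param([string]$CommandLine)
    # Expand %SystemRoot%-style variables, then take the quoted path,
    # or everything up to the first ".exe" when the path is unquoted.
    $cmd = [Environment]::ExpandEnvironmentVariables($CommandLine).Trim()
    if ($cmd -match '^"([^"]+)"') { return $Matches[1] }
    if ($cmd -match '^(.+?\.exe)\b') { return $Matches[1] }
    return ($cmd -split '\s+')[0]
}

$shell = New-Object -ComObject WScript.Shell   # used to resolve .lnk targets
$entries = @(
    foreach ($key in $runKeys) {
        if (-not (Test-Path -Path $key)) { continue }
        $item = Get-Item -Path $key
        foreach ($name in $item.GetValueNames()) {
            if (-not $name) { continue }   # skip the unnamed (Default) value
            [pscustomobject]@{ Location = $key; Name = $name; Command = [string]$item.GetValue($name) }
        }
    }
    foreach ($folder in 'Startup', 'CommonStartup') {
        $dir = [Environment]::GetFolderPath($folder)
        if (-not $dir -or -not (Test-Path -LiteralPath $dir)) { continue }
        foreach ($lnk in Get-ChildItem -LiteralPath $dir -Filter '*.lnk') {
            $target = $shell.CreateShortcut($lnk.FullName).TargetPath
            [pscustomobject]@{ Location = $dir; Name = $lnk.BaseName; Command = "`"$target`"" }
        }
    }
)

# Report each entry with the Authenticode status of the file it launches.
$entries | ForEach-Object {
    $exe = Get-ExecutablePath $_.Command
    $sig = $null
    if ($exe -and (Test-Path -LiteralPath $exe -PathType Leaf)) {
        $sig = Get-AuthenticodeSignature -LiteralPath $exe
    }
    [pscustomobject]@{
        Name       = $_.Name
        Location   = $_.Location
        Executable = $exe
        Signature  = if ($sig) { [string]$sig.Status } else { 'NotResolved' }
        Signer     = if ($sig -and $sig.SignerCertificate) { $sig.SignerCertificate.Subject } else { '' }
    }
} | Sort-Object Signature, Name | Format-List
```

Entries whose Signature is not Valid, or whose executable could not be resolved, are the ones to research first before disabling anything.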
Knowing the programs that are running on your computer can be a challenge. What is it? What does it do? Is it malicious? Do I even want it? Should I remove it? Answers to these questions are not too far away. There are many tools that can help in this regard. My favorites are CrowdInspect and Should I Remove It?
CrowdInspect pulls data from VirusTotal, the Malware Hash Registry (MHR) (https://www.team-cymru.org/MHR.html), WOT (Web Of Trust) services (https://www.mywot.com/), and from its own monitoring of malicious injection activities. With this range of detail, you can quickly discover unwanted operators on your system. Visit: http://www.crowdstrike.com/crowdinspect/
Should I Remove It? focuses on detecting unwanted software, such as adware, spyware, toolbars, malware, and unwanted applications. In the pursuit of removing bloatware and crapware, this tool quickly identifies those applications you want out of your system fast. Visit: http://www.shouldiremoveit.com/
ShieldsUp is a free online service for testing your firewall and how exposed you are online. ShieldsUp operates from the Gibson Research Corporation's website (grc.com), and offers a quick assessment of your attack surface as exposed online. Go test your system and find out what hackers can see when they network scan your IP address. Follow the recommendations to improve your security and lock down your vulnerabilities. The ShieldsUp service is found at https://www.grc.com in the Services menu.
While at GRC, you might want to explore other amazing tools and services, such as DNS benchmark, HTTPS Fingerprinting, and SpinRite.
Often your anti-malware scanner just isn't enough. Using advanced supplemental tools to detect and remove malicious code is an essential part of being an Internet user. Two great tools to have on hand are Malwarebytes and HijackThis. These tools can usually operate on your system concurrently with an existing real-time anti-malware scanner, a feature which is not true of many malware products. Whenever you suspect an infection or think you have inadvertently performed a risky activity—and your anti-malware scanner is staying suspiciously quiet—run one of these tools to discover if your fear is justified. Malwarebytes can be found at https://www.malwarebytes.org/ while HijackThis is available at https://sourceforge.net/projects/hjt/.
Surfing the Internet has become a dangerous activity. If you are using a web browser with default configuration, you are vulnerable to a wide range of exploitations and attacks. Most of these issues are due to the fact that most websites transmit mobile code to web browsers for client side execution. While most of this code is safe and benign, there is no way for an end user to know when malicious mobile code is being offered until it is too late (i.e. it is already running on the user's system). The only way to mitigate this risk is to disable client side execution of scripts and mobile code. While this can be done in most browsers directly, it can be difficult and usually applies universally. A better solution is to use a browser extension that adds quick access to a range of features including being able to target the settings on a per-site basis. For Chrome users, the tool uBlock Origin (https://www.ublock.org/) is a great choice. For Firefox users, the tool NoScript (http://noscript.net/) is the clear leader. These tools can be quickly located in their respective browser's extension/add-on marketplace.
Note: If you are using a different browser which does not have a similar add-on utility, I'd recommend switching to Chrome or Firefox.
Just using your computer will cause a plethora of detritus to build up over time. This includes temporary files, histories, cached content, cookies, downloads, MRU (most recently used) listings, orphaned files, and stray registry entries. Some of this cruft is left over when uninstalling legitimate or malicious software. From time to time, performing a deep clean of your OS will result in improved performance. Try out the CCleaner tool: https://www.piriform.com/ccleaner
Sometimes files get deleted by mistake. Important files. Files that you haven't backed up. (You have a backup, right!?!) Fortunately, the standard delete function removes the direct listing and pointers to storage clusters, while leaving the actual file data in place. If subsequent write activities overwrite these "available" clusters, the data is lost. However, if you can attempt a reclamation of the lost file before the data is actually lost, the act of undelete may be possible. I've used Pandora Recovery several times to recover files. Try it yourself: http://www.pandorarecovery.com/
Sometimes your system will become infected by something that your native or standard detection and removal tools are unable to address. When you think you are in this situation, before giving up and low-level formatting or replacing hardware, try an offline scanner. Microsoft's Windows Defender Offline (WDO) is used to scan your system while the OS is not active. This can give the security scanner the boost it needs to detect and remove some of the nastiest forms of malware. Download WDO, install it on a spare USB drive, so you can be prepared: https://support.microsoft.com/en-us/help/17466/windows-defender-offline-help-protect-my-pc
You cannot trust any network connection that is established and maintained by anyone other than yourself (and maybe to some extent your employer, but I would still be cautious). Many attacks, exploits, session hijacks, man-in-the-middle attacks, and identity theft events take place or are initiated local to the victim's network connection. Today, this is all too commonly an open wireless network. You must take action to defend yourself. One option is to elect to never use WiFi, but that tactic is a hard one to stick with. Another option is to purchase and use a portable hot spot, but that is expensive and yet another item to carry with you, and it is not usable in all situations, such as when needing to use an untrusted wired network or while on an airplane. A third option, and the one I most often recommend, is to use a VPN.
A VPN (virtual private network) is an encrypted connection established over your existing internet link from your local system to a trusted exit point on the internet. While a VPN does not guarantee protection from all internet-based evils, it will provide significant protection from those attempting to harm you who are in close physical proximity. If you are unfamiliar with VPNs, then I would recommend a great VPN "service with training wheels" (my emphasis) known as Tunnel Bear (https://www.tunnelbear.com/). The service that I have been using for several years is NordVPN (https://nordvpn.com/). Or you can pick your own using the information collected and organized by That One Privacy Guy at https://thatoneprivacysite.net/vpn-comparison-chart/. You also might find some interesting and relevant content at https://www.privacytools.io/.
You should learn to use the private browsing mode of your preferred browser. This is a feature of most modern browsers that opens a new browser window, preventing any existing information like your current cookies, temporary files, browser history, and identity, from being leaked to sites visited within the private browsing window. All data received during the private session will be discarded when the private browsing window is closed. To make the most of this feature, you should open a new private window, visit a single website, but before changing to a different website, close the current private window, then open a new private browser window. This will maximize the privacy and tracking protection of this feature.
If you are not convinced how important it is to use private browsing mode, then use the cookie revealing add-on for Firefox known as Lightbeam (https://www.mozilla.org/en-US/lightbeam/) which can be easily found in the Mozilla Add-On marketplace. After installing, just visit six sites and review the collected information. You'll want every task you perform online to take place within a unique private browsing window!
Over the last few years the rate and severity of malware infections that damage, destroy, or hold your data hostage has increased dramatically. You must take precautions now because it will be too late for your data if infected by ransomware or destructive malware. Your data includes your documents, images, movies, text files, PDFs, and often even your configuration files. Everyone should already have an external drive to create backups. Set a reminder that at least once a week you make a copy of your data to the physically local drive. If you are skilled at automation, consider automating this process daily, especially if you can keep the drive online within your private network.
But don't forget about the 3-2-1 backup rule. This rule states that you need to have three copies of your data (the original and two backups), the backups should be on two different types of media, and that the backup media should be stored in more than one place. With just a local USB storage device, you have not quite fulfilled your backup requirements and responsibilities. I recommend using an online cloud backup as your second backup.
I recommend you consider using Backblaze. They offer a great solution for a reasonable fee which is suitable for typical home environments, as well as for power-users. If you are not convinced that Backblaze is the solution for you, other commercial options include Carbonite and IDrive, or you can craft your own using the open source tool Duplicati and store your backups on Microsoft OneDrive, Amazon Cloud Drive, Amazon S3, Google Drive, Box.com, Mega, HubiC, or others.
It is everyone's responsibility to be more secure. Having the right tools on hand goes a long way toward achieving the goal of better security. Be the IT expert yourself on home systems by using these 10 tools (plus four bonus ones!) to get a better handle on the security of your systems. And be on the lookout for other great tools to expand your security toolbox.
James Michael Stewart has been working with computers and technology for over 30 years. His work focuses on security, certification, and various operating systems. Recently, Michael has been teaching job skill and certification courses for over 20 years, such as CISSP, ethical hacking/penetration testing, computer forensics, and Security+. He is an author on the CISSP Study Guide 8th Edition and the author of Security+ Review Guide 4th Edition (SY0-501). Michael has also contributed to many other security-focused materials including exam preparation guides, practice exams, DVD video instruction, and courseware. In addition, Michael has co-authored numerous books on other security, certification, and administration topics. He has developed certification courseware and training materials as well as presented these materials in the classroom. Michael holds a variety of certifications, including: CISSP, CEH, CHFI, ECSA, and Security+. Michael graduated in 1992 from the University of Texas at Austin with a bachelor's degree in Philosophy. Despite his degree, his computer knowledge is self-acquired, based on seat-of-the-pants hands-on "street smarts" experience. You can reach Michael by email at michael@impactonline.com.