Step 1. Protect Your Desktops and Laptops

If you do only three things to safeguard the computers you use in your business, make sure you do these three:
  1. Update your software.
  2. Protect against viruses.
  3. Set up a firewall.
They won't keep you completely safe from security threats and productivity loss, but together they give you a powerful first line of defence.

1. UPDATE YOUR SOFTWARE
Hackers like to find and exploit bugs and loopholes in popular software products. Some do it for money, some to make a statement, some simply to cause trouble. And they can cause trouble - exposing customer credit card numbers on a website or stealing passwords in a computer. The impact on a business can be fatal.

Basic Steps You Can Take

When Microsoft or another company discovers a vulnerability in its software, it typically releases an update that can be downloaded over the internet. The update "patches" the loophole or bug to keep hackers from causing trouble. Over time, however, software products have become more secure. Windows XP Professional, for instance, is inherently more secure than Windows 95. And Windows XP Professional with Service Pack 2 (SP2) provides even stronger security settings that help defend against hackers, viruses and worms. But that doesn't negate the importance of downloading and installing patches as soon as they are released.

Installing updates for Windows:
  • Windows XP Professional: Go to the Windows Update website (Now you can access the same updates and downloads available from Windows Update, plus updates for Office and other Microsoft applications, at Microsoft Update), click Scan for Updates, and the website automatically analyses your PC and determines what updates you need. You can then download and install the patches. You can also make this happen automatically by enabling the Automatic Update feature in Windows XP. When important updates like SP2 are released, you'll receive them automatically.
  • Windows 2000: If you're running Windows 2000 as part of a domain or as a stand-alone computer, visit the Windows Update website, where you will find the latest service packs, device drivers, application compatibility and system security updates.
  • Windows 95 and 98: If you are running one of the older versions of Windows, you should know they are much less secure than newer versions of the operating system, such as Windows XP. Microsoft strongly encourages upgrading to ensure the highest level of desktop security. Go to the Windows XP site for details.
To have updates automatically downloaded and installed to a PC running Windows XP:
  1. Click Start.
  2. Click Control Panel.
  3. Click on System.
  4. Select the Automatic Updates tab in the System Properties box (see Figure 1).
  5. Select Automatic (recommended).
  6. From the drop-down lists, select the day and time each day to download and install updates.
  7. Click OK.
Figure 1
Figure 1

Installing updates for Microsoft Office
Keep current with security patches for Office, which are available with other downloadable add-ins at the Office Update website.

2. PROTECT AGAINST VIRUSES
Viruses, as well as worms and Trojan horses, are malicious programs that run on your computer. Some viruses delete or change files. Others consume computer resources. Some allow outsiders access to your files. One of the more ominous characteristics of viruses is that they can replicate-or copy-themselves. A virus can grab e-mail addresses from a contacts list and send itself to those addresses. Virus-infected computers can spread throughout your company and cause serious downtime and data loss. You also risk infecting computers of clients and customers you communicate with via e-mail.

Basic Steps You Can Take
  1. Install anti-virus software. You should have anti-virus protection on all of your desktop and laptop computers. Anti-virus software works by scanning the contents of incoming e-mails (and files already on your computer) to detect virus signatures. If it finds a virus, it deletes or quarantines it. Because hundreds of viruses are released each month, all anti-virus software must be updated regularly with the latest signature definitions so the software can catch the latest viruses. Look for software that automatically downloads the latest definitions and programs from the Internet. Here are links to anti-virus programs from some of the better-known security software makers:
  2. Never open suspicious files. Make sure everyone on your team understands they should delete - without opening - any files attached to an e-mail from an unknown, suspicious or untrustworthy source.
  3. Use e-mail security features. Both Outlook 2003 and Outlook Express 6.0 have settings that help detect and eliminate potentially infected e-mail. Look into upgrading to these programs if you don't use them already.

    To set junk e-mail options in Outlook 2003:
    1. Click the Actions menu.
    2. Select Junk E-mail and click Junk E-Mail Options.
    3. Select the level of junk e-mail protection you want from the list of choices (see Figure 2).
    4. Click OK.
    Figure 2
    Figure 2
3. SET UP A FIREWALL
If you have an always-on broadband connection, chances are your company's computer network is randomly probed by criminal hackers. Once they stumble on a valid computer address, they try to exploit vulnerabilities in software or decipher passwords to gain access to your network-and ultimately individual machines and everything on them.

Basic Steps You Can Take

Like a moat around a castle, a firewall can block intruders from gaining access to your private network. There are two basic types of firewalls:
  1. Hardware firewalls block all traffic between the internet and your network that isn't explicitly allowed. For instance, you may want to configure the firewall to accept certain kinds of e-mail and web traffic, but reject all other types. These firewalls can also hide the addresses of the computers behind your firewall, making individual computers on your network invisible to the outside. A firewall may be integrated into the router or DSL/cable modem supplied by your ISP
  2. Software firewalls, such as the Windows Firewall built into Windows XP Professional with SP2. With Windows XP with SP2, the firewall is enabled by default. This means that, by default, all the connections-including LAN (wired and wireless), dial-up and virtual private network (VPN) connections-are protected by the Windows Firewall.
If you don't have Windows XP, you can purchase a commercial software firewall. ZoneLabs, McAfee and Symantec all sell firewall products.

Read More About It

Protecting Clients from Network Attacks
Adding and Securing a Computer Running Windows XP Professional by Using Windows Small Business Server 2003
Securing Windows XP Pro in a Peer-to-Peer Networking Environment
Securing Windows XP Pro Clients in a Windows Server Environment
Securing a Client Computer Running Microsoft Windows XP Professional in a Windows Server 2003 Active Directory Domain
Securing Windows 2000 Pro in a Peer-to-Peer Networking Environment
Securing Windows 2000 Professional Clients in a Windows Server Environment
Deploying Patches with Software Update Services 1.0
Deploying Updates with Windows Update and Automatic Updates
Updating a Windows Small Business Server 2003 Network Using Software Update Services Server 1.0
Help Me Stop Spam and Junk Mail Using Outlook 2003
**
Security Bulletin

What You Should Know About Download.Ject
Microsoft teams confirmed a report of a security issue identified as Download.Ject that affects those using the Microsoft Internet Explorer (IE) Web browser. IE users are encouraged to download a removal tool to detect and attempt removal of malicious software associated with Download.Ject. Those running Windows XP updated with SP2 are not at risk.

Microsoft Security Centre

How to check your version of Windows

Learn more about Windows XP SP2

**
**
**