What steps can you take to protect yourself? Here are a few:
- First and foremost, keep your software up-to-date. Nearly all malware attacks target flaws in software that have already been fixed by the developer via software updates (also known as “patches”). If you have downloaded and installed those updates, the vast majority of attacks against your computer will fail. Many programs can be set to update automatically and it’s always a good idea to take advantage of that. Another great way to ensure your computer stays up-to-date is to use software that automatically updates third-party programs (i.e., from a developer other than Microsoft or Apple). Secunia’s Personal Software Inspector22 is an excellent choice for Windows-based computers and AppFresh 23 can be used to keep software up-to-date on a Mac.
- Use a non-administrative account. Computers come with a primary user account featuring “administrative privileges.” Those privileges allow full access to the computer, including the ability to download, modify and delete programs. While you need that to add, change or remove any software on your computer, you don’t need it to use the computer on a daily basis or to browse the Web. If an attacker is able to gain access to that administrative account, he or she will be able to cause far more damage to your system. To keep this from happening, set up a user account with non-administrative access for day-to-day use. Setting up these accounts isn’t difficult, though it varies from operating system to operating system.
- Remove any unnecessary applications and services from your computer. All software has flaws and attackers can use those flaws as a means to get into a system. If the programs aren’t there in the first place, hackers can’t exploit them to attack you.
- Replace any software that is no longer supported by its developer. Using out-of-date software leaves you completely exposed. Since the software is “out of support,” the developer won’t take any steps to fix any problems that are discovered (as it would if the software is still being supported). As a result, any weakness is a permanent one and attackers can use it against you at will. Needless to say, that’s a pretty serious problem. It also violates the HIPAA Security Rule.7 A well-known example of this is the Windows XP operating system. Microsoft stopped supporting it in April 2014. If your office is still using it (or any other out-of-support software), it’s well past time for an upgrade.
- Use basic security software. While anti-virus software won’t catch everything, it’s far better to have it than not. Whether you use a Windows-based computer24 or a Mac,25 there are a number of good options available. You should also enable the firewall included in the computer’s operating system. Firewalls serve to filter incoming electronic traffic (usually based on its source and destination) and should be used whenever they’re available.