Do it yourself security “experts”.

Lynn Bernstein, Technology Consultant, ECG Inc
(I’ve known Lynn for years and if you need technology expertise – she’s the one to call (well email) – Ramon Ray, Editor,
I read a book a while ago called ‘The Cookoo’s Egg’. It was difficult to find as it’s been out of print for about 25 years. The book is all about security and the lack of it. Written around the late 1960s, and revised in 2000, one piece keeps haunting me. I see these errors still repeated. It’s now not just the tech people, although I think that situation has improved. It’s now the do-it-yourself persons. It’s security.
Don’t ever think one vendor, whether hardware or software will take care of all your security requirements. It can’t happen. Each of us must be proactive in implementing security policies and best practices. Consider this: If you lost all your information or a competitor somehow had it, what would that do to your business? It’s close to impossible to protect against everything, but you can get pretty close to that goal.
Begin with passwords. They are everywhere, from email to logging in, to devices such as routers (wireless and otherwise), and more. There is not much new that you haven’t heard previously, so in case you’ve forgotten here are a few basic rules:
1. use a password
2. change passwords for everything at least every 30 days, with no repeats for the last 5 passwords
3. do not use the same password for everything
4. do not use your name, children’s or spouses names, phone numbers, birthdays or anniversaries, or anything that may be common knowledge
5. do not put passwords on Post-its on your monitor, in your desk drawer, or any other place easily accessible by others
6. encrypt passwords
7. do not use default passwords (the ones that are preset by a vendor)
8. do use a combination of letters, numbers, and special characters (if allowed)
9. use a combination of upper and lower case letters
10. above all, do not share them with anyone
Passwords and encryption are especially important using wireless. You don’t want ‘drive-by’ hackers (Editor’s note: hackers who literally drive around digitally sniffing for open wireless networks), neighbors, or anyone unauthorized getting into your system.
Anti-virus is such a basic these days. Viruses, trojans, and worms come from all over, not just email. Here are a few things to consider when choosing anti-virus applications:
1. use a good anti-virus program from a company specializes in anti-virus and has good tech support
2. update your signature files weekly, although I recommend daily
3. scan your memory and all your drives daily and check your log files for problems
4. scan your email as it arrives
5. anti-virus belongs on servers too
6. there are places online for free scans, such as to use in addition to your installed application
7. don’t use applications that are virus magnets
You may not even realize your machine has a virus without anti-virus software. Too many people have thought their machines were just fine – virus free – until they installed anti-virus. Then they found thousands of them.
Many ISPs now will give you one warning if you are clogging communications from viruses. After one warning, your are booted off their system until they decide your viruses have been removed, and anti-virus is in place and used. How will lack of internet communications affect your business?
Viruses can do a lot of damage, from deleting your files to sending out your information to others. You cannot be too careful.
Firewalls are necessary for different protection. Different firewalls work differently, with one common theme – to keep people out of your computer(s) that are unauthorized. There are hackers out there just looking for an unprotected computer so they can break in – just for the fun of it. Of course there are hackers that are destructive and others that spy.
Some applications can be safer than others while performing the same function. For example, Outlook is not the only email application, and Internet Explorer is not the only browser. Office is not the only suite of programs. Many of these are also free, yes – free. You can use Mozilla for email and browsing (, and Star Office ( There are others too. Many technical security experts have recently stated publicly to avoid Internet Explorer due to the number of security holes. The Register is a tech publication; take a look at some of the security issues in their articles at There are over 600 articles. You will find many more with a Google search. IE is now losing market share, while Mozilla is gaining market share.
If you have children using your connected computer, please watch. Don’t count on any filtering application to keep them safe.
Spam is a huge problem. Much spam has worms, trojans, and viruses contained in it to infect your machine. Turn off automatically run scripts in email to prevent most infections. Complain to your ISP about each piece of spam. To do this, open all the headers, and forward the spam to your ISP. Ask your ISP if they use an RBL. An RBL is a list of known mail servers used by spammers. Use of an RBL by the ISP will bounce any mail from the list. Spam now accounts for 63% or more of all email. It cloggs the wires causing everything to take longer, and increases costs for all of us.
Don’t be part of the problem – be part of the solution. We each need to do our share to keep technology as safe as possible. We all love the convenience and the doors now open. Let’s all try to keep it working well.
Talk to your professional engineer for specific advice and setup for your system.