Unfortunately, finding a balance between computer security and functionality can often be a question of “hit and miss”. By protecting your computer using the layered approach laid out here, you will significantly reduce the chances of malware infection without unduly impacting convenience and functionality.
Cybercriminals design malware to exploit vulnerable systems without any user interaction, on the one hand, and craft attacks that take advantage of unaware computer users, in which user interaction is required, on the other.
The second part of this two-part attack approach can only be defeated if the computer user is aware of current Internet threats. So knowledge and experience are critical ingredients in the never-ending, and escalating, battle against cybercriminals.
To defeat attacks that rely on exploiting vulnerable systems, the preferred method is a layered security approach. Employing layered security should ensure the swift detection of malware before any damage occurs on the targeted system.
We live in a world in which we are surrounded by “buzz words”, and it seems that I’m occasionally guilty of using buzz words in writing this Blog: buzz words which don’t always adequately explain a point, or which interfere with a reader’s understanding of a concept.
This was brought home to me recently when a regular reader emailed me privately, asking that I explain layered security. As I considered this, it occurred to me that this was a very legitimate question. From a reader’s perspective – just what is “layered security”?
What is layered security?
Let’s take the “buzz” out of layered security. Layered security, in its simplest form, consists of stacking security solutions, one on top of the other, to protect a computer from current and zero-day malware attacks (malware for which there is, as yet, no programmed defense).
Why do you need it?
The answer is pretty simple – gap management (words that are well known to consultants). In other words, no single security application is capable (nor should we expect a single application to be capable) of providing adequate computer system protection. Gaps exist in the protection capabilities of even the most sophisticated security applications.
Layering (or stacking) security applications offers the best chance of remaining infection free, by closing these gaps. Keep in mind, however, that even the best layered protection strategy will not make up for the lack of experience, and intuitiveness, of many computer users. So, I’ll repeat what I said earlier: “knowledge, awareness, and experience are critical ingredients in the escalating battle against cybercriminals.”
A consumer layered security approach: recommendations.
Backup – While you may not think that a backup strategy forms part of a layered security approach to Internet security, it is, without exception, a most crucial part.
Consider where you would be if your layered security strategy failed. If you’ve ever lost critical data to a malware infection, no doubt you already consider it of primary importance.
Free backup utilities are readily available – see “Hard Drive Cloning is Easy with Free Easeus Disk Copy” and “Free DriveImage XML – “The Best Way to Backup Data?”, on this site.
Operating System and Application Patch Management – Again, this is an area that many users do not consider critical. In a recent survey, Secunia, the Danish computer security service provider well known for tracking vulnerabilities in software and operating systems, concluded that fewer than one in 50 Windows-driven computers are totally patched.
To stay ahead of the curve in this critical area consider downloading, and installing, the free Secunia Personal Software Inspector, which will constantly monitor your system for insecure software installations, notify you when an insecure application is installed, and even provide you with detailed instructions for updating the application, when available.
Firewall – Simply put, a firewall is an application, or a hardware appliance, designed to block unauthorized access to your computer from the Internet, at the same time permitting authorized communications.
There are many free Firewalls available, but many can be intrusive and not really appropriate for casual computer users. Zone Alarm offers a very robust, uncomplicated, free Firewall, and more information is available here, “Download ZoneAlarm Free Firewall 2010 – Windows 7 Compatible”.
Antimalware – A front line antimalware application is absolutely critical to avoid system infection. Your primary application should be supplemented by an on-demand scanner (part of the stacking approach).
There is no harm in downloading more than one antimalware application to be used as a secondary scanner. In fact, doing so can be advantageous. However, be sure NOT to allow more than one application to autostart, in order to prevent conflicts. For a list and download links to recommended free antimalware applications, including secondary scanners, see “Tech Thoughts Top 8 Free Antimalware Applications”, on this site.
Antivirus – An antivirus application is another critical component in a layered defense strategy to ensure that if a malicious program is detected, it will be stopped dead in its tracks!
Avira AntiVir Personal (see “Free Avira AntiVir Personal Protection – Get the Real Deal!” on this site), is a very effective application which offers scans for viruses, Trojans, backdoor programs, hoaxes, worms, dialers and other malicious programs.
Its simple interface provides access to a command structure that makes it easy to repair, delete, block, rename and quarantine programs or files.
Web Browser Security – Install a free Internet Browser add-on such as WOT (my personal favorite). WOT tests web sites you are visiting for spyware, spam, viruses, browser exploits, unreliable online shops, phishing, and online scams, helping you avoid unsafe web sites.
Please read “An IT Professional’s Must Have Firefox and Chrome Add-ons” on this site, which lists additional critical Browser add-ons.
System Isolation – An isolator is a security application which dynamically isolates Internet applications including Web Browsers, Chat Clients, Email Clients, and so on. Isolators, or sandbox applications, prevent damage from intrusions and malicious software: viruses, worms, spyware, key loggers etc., including disallowing rogue software from being installed. To understand this concept more thoroughly, please see “Free GeSWall Isolates You From Cybercriminals”, on this site.
Zero Day Protection – Since most viruses, worms, Trojans and other types of Internet threats only last 24 hours, how do security applications that rely on a definition database to identify malware files (most anti-malware applications) keep up with this onslaught? The simple answer is: they don’t.
ThreatFire, from PC Tools, is a terrific security application which covers the vulnerability gap with respect to zero-day threats. Instead of relying only on a signature-based database, ThreatFire blocks malware (including zero-day threats) by analyzing program behavior (heuristics), based on the theory that if it looks like a crook and acts like a crook, then it must be a crook.
For additional information and a download link please see – “Protect Yourself Against Zero Day Internet Threats with Free ThreatFire From PC Tools”, on this site.
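To make the gap between the two layers concrete, here is a small example added for this article (it is not ThreatFire's engine or any vendor's code): a hash-based definition database misses a file once a single byte changes, while a behavior score still catches it. The sample files, action names, weights and threshold are all constructed for illustration.

```python
import hashlib

# Constructed stand-ins for program files (not real malware).
KNOWN_SAMPLE = b"constructed-sample-v1"
REPACKED_SAMPLE = b"constructed-sample-v2"  # same behavior, one byte changed
BENIGN_INSTALLER = b"constructed-installer"

# Signature layer: hashes of files that have already been analysed.
SIGNATURE_DB = {hashlib.sha256(KNOWN_SAMPLE).hexdigest()}

# Behavior layer: hypothetical action names and weights (assumptions).
BEHAVIOUR_WEIGHTS = {
    "adds_autostart_entry": 2,
    "installs_keyboard_hook": 4,
    "writes_into_other_process": 5,
    "disables_security_service": 5,
}
BLOCK_THRESHOLD = 7  # assumed cut-off for this example

def signature_match(file_bytes):
    """True only if this exact file is already in the definition database."""
    return hashlib.sha256(file_bytes).hexdigest() in SIGNATURE_DB

def behaviour_score(actions):
    """Sum the weights of the distinct actions observed; unknown actions score 0."""
    return sum(BEHAVIOUR_WEIGHTS.get(action, 0) for action in set(actions))

def layered_verdict(file_bytes, actions):
    """Check the signature layer first, then fall back to the behavior layer."""
    if signature_match(file_bytes):
        return "blocked: signature"
    if behaviour_score(actions) >= BLOCK_THRESHOLD:
        return "blocked: behaviour"
    return "allowed"

# Constructed behavior traces.
MALICIOUS_TRACE = ["adds_autostart_entry", "installs_keyboard_hook",
                   "writes_into_other_process"]
INSTALLER_TRACE = ["adds_autostart_entry", "adds_autostart_entry"]

if __name__ == "__main__":
    for name, data, trace in [
        ("known sample", KNOWN_SAMPLE, MALICIOUS_TRACE),
        ("repacked sample", REPACKED_SAMPLE, MALICIOUS_TRACE),
        ("benign installer", BENIGN_INSTALLER, INSTALLER_TRACE),
    ]:
        print(f"{name}: {layered_verdict(data, trace)}")
```

The repacked file slips past the signature layer and is stopped only by the behavior layer, while the installer, which performs a single low-weight action, is allowed.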
Unfortunately, finding a balance between security and functionality can often be difficult. By protecting your computer using the layered approach laid out here, you will significantly reduce the chances of malware infection without unduly impacting convenience and functionality.
10 responses to “Tips On A Layered Security Approach To Internet Safety”
I never really heard of the layered security approach before I started coming to your blog. Now I run two realtime malware scanners (MSE and Threatfire) backed up by regular scans with Malwarebytes, Superantispyware, Hitman Pro, ESET Online Scanner, and TrendMicro Housecall. I also run Spybot S&D once a week, and Secunia is part of my arsenal as well. Filehippo updater gets a regular workout as well.
Something I read on the Threatfire blog some time back made me laugh – “Think of Threatfire as the paranoid wild west sheriff, who not only has his eye on the drunks in the saloon, but also on your sweet Aunty Mabel”. That pretty much sums up this great app.
I know some of the guys over at ThreatFire, Mal, and I always considered them pretty serious. Looks like they have a comedic streak as well. 🙂 Dead on the money though.
You and I run parallel apps, including Hitman Pro, which I started running a few months back. A very solid performer. Actually, I wrote a review on this – so I better dig it out. Thanks for the reminder.
Just downloaded Threatfire but it conflicted with Skype (5.0 beta) and so I had to remove it. Shame. If you know the Threatfire crew, Bill, you might pass this on.
I’ll pass on this information and wait for a reply. I’ll let you know the outcome.
Hey Bill. I just tried Geswall and it’s great indeed. Thanks!
Very cool. You now have another brick in the antimalware wall.
Great article. Very useful.
I’m glad to hear you found it useful.
This is one of my favorite ways of browsing safely. It’s really ingenious and works with *any* browser you have installed; Chrome, Opera, FF, IE, etc.
Running your browser with reduced privileges using DropMyRights
Running other internet facing applications using DropMyRights
Thanks for this Keith.
Totally agree – it’s a terrific utility.
I’ve been testing this since August 8 (I just looked that up – :)), so I expect I’ll have a review up shortly.