Updated November 20, 2024
With more and more people working from home, keeping your personal computer safe and secure is essential. There is always somebody out there who wants to get your information and data. So here are five (5) things to look at to protect your computer when working from home.
It is hard not to be paranoid about your computer's security at home. You hear about all the ways that the bad guys can get access to your data. But with a few simple changes, you can harden the security of your personal computer.
E-mail
E-mail is the most popular way for the bad guys to get access to you. They will try to infect your computer with a malicious attachment or get you to a compromised website to get your information. Sometimes they want you to respond to their e-mail with your personal information.
Either way, e-mail is currently the largest source of attacks and scams. But there are some simple things you can do to protect yourself. The first thing you want to examine is how you view your e-mail.
Now e-mail can be written using two (2) different formats: plain text (like in a .TXT file) or HTML (like the code used for websites). Plain text e-mail has no special formatting, but HTML e-mail can.
Just like malicious websites can have hidden code that can download and install malware, adware, and viruses, so can malicious HTML formatted e-mail. There is no difference between the two.
So, just like if you went to a malicious website and viewed an infected web page with a malware payload, displaying a malicious HTML formatted e-mail has the same effect.
The best way to avoid downloading the contents of an HTML formatted e-mail is by not using the preview feature in your mail program. Most of them, like Outlook and Thunderbird, can turn off the preview pane. If the HTML formatted e-mail can not be rendered, it cannot execute the code inside.
Remember that if you do not know or recognize the person or company that sent you a questionable e-mail, delete it. It is not worth the trouble a malicious e-mail can cause to see what is in the e-mail.
While on the subject of malicious e-mail, knowing how to spot a piece of junk mail is essential. I go into more detail on how to do it in the following article I wrote a little while back.
How to spot a piece of spam e-mail
There is another option when it comes to e-mail security, and that is using an anti-spam program. Since I get hundreds of e-mails daily, I started using the anti-spam program MailWasher almost two decades ago. It is perfect for getting rid of junk mail.
For more information on MailWasher, check out this article I wrote a couple of years ago. They have a paid version and a free version.
Eliminate spam from your inbox with MailWasher 7.5
Tech scams
Tech scams have lost their popularity with bad guys. Is it because consumers are getting smarter and not falling for them anymore? But you still get them occasionally, so here is a link to an article about avoiding them.
How to handle a tech scam
The bottom line is, don't give them any information; whatever you do, do not provide them access to your computer!
Software updates
Many people don't apply updates to Windows and other programs because they fear the upgrades will break the software. Yes, it does happen occasionally, but only sometimes.
I have had my fair share of repairing computers that have experienced a failed update. But more often than not, updates install flawlessly. With all software manufacturers' testing for updates, a failed upgrade is rare.
However, recovering from a virus or malware infection that could have been prevented by applying software updates can be expensive. It's embarrassing, too.
Then, there is the use of an operating system, like Windows XP, Windows Vista, or Windows 7 that has reached its end-of-life and no longer gets security updates. I get the "I just like the way it works" or "My software won't run on the latest version of Windows" arguments.
I have found solutions to those arguments, and many like them. When there is a will, there is a way. But running unpatched software is just way too dangerous. Bite the bullet and apply updates or upgrade your software.
Anti-virus software
This is another piece of software you have to keep an eye on. The biggest problem I encounter is expired anti-virus licenses. Customers will get a new computer with preloaded anti-virus software with a 30 or 60-day trial license.
When the trial license expires, they ignore the pop-ups telling them about the expired license. Luckily, Windows 10 has a highly rated anti-virus program (Windows Security) built-in. It will usually take over when a trial anti-virus license expires.
Typically when I set up a new computer for a customer, I ask them what they want to do about anti-virus software. Most of them tell me to remove the pre-loaded trial version of anti-virus software.
If they don't prefer a particular anti-virus program, I have them go to an independent, third-party website like AV Test and check the ratings for the different anti-virus software.
Many people are surprised that Microsoft's Windows Defender / Windows Security is rated so high. Microsoft has worked hard over the years to improve its anti-virus software.
Now, the cool thing is even if you have installed another company's anti-virus software on Windows 10, Windows Security will see it and set it as the default. But you can still have Windows Security do periodic scans.
Routers
This security tip may or may not affect you. If you lease your router from your Internet Service Provider (ISP), this topic is irrelevant to you. If you own your router, this will be of interest to you.
Home Internet routers have always been a target for the bad guys. There are two reasons for that: First is the fact that home users usually keep the default administrator password the same. Luckily, router manufacturers started installing complicated default passwords a few years ago.
The second reason is that once people set up their routers, they tend not to think about them anymore until something goes wrong. As I like to call it, the set it and forget it syndrome.
Just like I discussed updating software earlier in this article, your router also has software that gets updated. It is called firmware, the operating system for your router. Think of it as what Windows is to your computer; the firmware is to your router.
The problem is that your router's firmware is not automatically updated. You have to do this manually. Sometimes, it can be hard to determine what version of firmware your router is running, if there is an updated version of firmware for your router, and how to upgrade the firmware of your router.
The first step is to log into your router and find out what version of firmware it is running. It is usually listed right on the first screen. From there, you go to the manufacturer's website and find the product page for your router. What you are going to need is the manual for your router.
An effortless way to find it is by just searching on Google. Search for the manufacturer model manual, and the product page for your router should be in the top three (3) results. Once you have the manual, you can search it for Firmware Update, and it should explain where to go inside your router to look for and upload a new version of the firmware.
Now that we have looked at the router's firmware let's look at your router's security. The bad guys regularly scan an ISP's range of IP (Internet Protocol) addresses, looking for open ports to attack. An IP address is a unique string of numbers that identifies each device on the Internet.
We now want to check and see if your router has any open ports that the bad guys can use to access your router or any of the devices inside your network. For this, we want to do an unintrusive scan of your router's service ports.
Gibson Research Corporation has a fantastic tool for doing this called ShieldsUp!. Just go over to the website, and under the Services pull-down, you will find ShieldsUp.
Once you get to the ShieldsUp! page click on the Proceed button. From there, you can select from several different types of scans. I recommend the All Service Ports scan.
Once the scan is complete, the webpage will display the scan results. If you score a perfect rating, you are good to go. The webpage will tell you what to do if any ports require attention.