Much like much of what is called "safe sex" would be more accurately called safer sex, I will call this safer computing.
This is in some sort of order but I will not promise order of importance because it is all important.
1) Keep your virus signatures up to date. Update them at least daily or even better hourly if your AV software will allow you to do so. Most if not all commercial anti-virus software can be configured to automatically update on a regular basis. If you run a laptop that is often off or in hibernate mode you may have to manually update your signatures when you turn the computer on. If you want to save a few dollars AVG Anti-Virus has a free virus scanner for personal use. Make sure you update the signatures regularly. This is the most important part. An anti-virus software with old signatures is almost useless or even worse will give you a false sense of safety making it worse that useless.
2) Keep up with patches. If you have a modern version of Windows you can click on the start button and then go to Windows Update. This will take you to a web site that includes a list of the important security and functionality patches available for your system. If it's marked "Critical" it is important. The "Recommended" patches are more a personal choice issue. If you have a moden version of Windows (something still under Microsoft support) you can set your computer to automatically download and install patches on a regular basis. Even if you turn auto patching on you should still check Windows Update every couple of months to make sure you are not missing anything. There are some things auto patching will not catch.
If you are running something other than a Microsoft operating system patch management is still extremely important but the methods will vary from operating system to operating system and in the case of Linux from distro to distro.
3) Run a personal firewall. This will help to hide you from criminals and intruders on the Internet. While you may not care about your computer getting attacked the person that attacks you probably just see you as a jumping off point to attack someone else. The person who gets attacked from your computer may care.
A large number of people really hate the build in windows Firewall. I personally like it as long as you understand its limitations. The real issue with Windows Firewall is that it does no egress (outbound) filtering unless you are using Vista or newer. I really like the Windows Firewall in Vista since egress filtering has been added. In XP the Windows Firewall is rather limited but it is simple to use. If you have an older version of Windows and want egress filtering there is a free version of ZoneAlarm available that can do egress filtering. ZoneAlarm is not as simple as the Windows Firewall but it is good software. If you have a cable or DSL connection you may want to consider using a hardware firewall along with your host (software) firewall. Refer to my comparison home and small office firewalls for more information. Most Cable/DSL routers can do limited firewalling but unless you have upgraded the firmware to something like OpenWrt or DD-WRT, both of which are outside the scope of this article, the firewalling they do is exceptionally limited and no substitute for a host firewall. I highly recommend using both a hardware firewall and a software firewall on your computer.
4) On a subject related to viruses there is the issue of spyware. Essentially spyware is software that reports back to its creator. At the most basic level it may report back web sites you visit, your e-mail address or other personal information. At the most insidious it may actually steal more critical information, such as SSN and credit card numbers you have stored or entered on your computer. There are basically four ways you can reduce your exposure to this threat.
4.a) Read the license agreement that comes with software. Usually hidden in the license there will be some indication that information will be sent back to the author assuming that the author does not have completely criminal intents. Obviously this is only effective against the "legitimate" spyware companies. Criminals will not warn you.
4.b) Just because a pop-up box asks you to load a piece of software does not mean you should say yes. Or as Nancy Reagan said "Just say no."
4.c) Run a personal firewall (3 above). Many spyware applications will trigger a firewall warning when they try to make a connection back home. This assumes you are using a firewall with egress filtering and have warnings turned on. To the best of my knowledge the Windows Firewall will not give you these warnings.
4.d) Periodically scan your computer with a spyware scanner. I have used Ad-Aware and I was impressed. It will flag a few things that may not warrant worry but I have not had it flag anything that would truly be harmful if removed. I have used SpyBot -- Search & Destroy regularly. SpyBot -- Search & Destroy is much more thorough. SBS&D also has ability to clean up temporary files used by legitimate programs. This can help protect your privacy. SBS&D also comes with a program called Tea Timer that can run in the background. Tea timer will actually stop spyware from being loaded on your machine in the first place. Tea timer takes a bit of getting accustomed to because every time you load a piece of software you will get several prompts but it does improve safety. Both programs are free. Either of these programs may cause programs that rely on spyware to fail.
5) Think twice when making online purchases. Having said this I buy a great deal of merchandise on the Internet. So what exactly am I suggesting here? There are con artists on the Internet the same as in the physical world. If something seems too good to be true it probably is. A second thing you should watch for is make sure that every time you enter your credit card or other sensitive information into a web browser you see the little lock at the bottom of the page. The lock means that the connection is encrypted meaning that someone between you and the merchant will not be able to read your information. That doesn't mean that someone can't steal the data after it gets to the merchant but at least the most basic of security precautions have been taken. Beyond that it is really a judgment call. If a web-shop looks questionable don't give them your information. This is much akin to if you went into a local store that seemed questionable you would think twice before handing over the plastic. Same idea.
6) In relation to buying things online some credit card companies (Citi comes to mind) will allow you to create a limited credit card that has an expiration date 1-2 months in the future and is only usable at one merchant's store. This greatly reduces your chance of having a credit card number stolen and used. Also don't forget as long as you alert your credit card issuer as soon as you find the fraud you are not usually liable for more than a few dollars of fraud and most banks will waive that.
7) Be safe. Contrary to what the Internet Service Providers commercials may claim the Internet is not the safest of places to be so protect yourself while you are in the Internet. Also don't forget if you have a cable or DSL connection you are always connected to the Internet. To put things in some real world perspective think of the Internet as a questionable part of town. It doesn't necessarily mean that you can't go there but you should be aware of your surroundings.
(original date 2002 or 2003)
Last updated 5/7/2009