Information Security begins with keeping your computer systems properly maintained. It’s probably the most important link in the chain, and the easiest one to take care of.
Operating System updates
Keeping an operating system up to date is so important that most editions of Windows 10 force updates on users. The reason for these updates is to repair vulnerabilities and fix bugs. Therefore, if your system is not up to date, it’s vulnerable.
Well, truthfully, it’s always vulnerable no matter what you do, but at least it’s not as vulnerable. This is why we update, and it’s why Microsoft decided to take the risky move of making updates for Windows 10 compulsory.
If you’re not a Windows 10 user, you have more autonomy over the update process. This is a good thing and a bad thing. It’s good because you can update when it’s convenient for you, and you can bypass the process entirely if your workload is too heavy to waste time on a system update. It’s bad because while your system is not updated, you’ll be facing a higher level of risk.
The advantage for Mac and Linux users is they can update their entire systems without needing to reboot. That means the user does not need to cease working while their system is updating.
Users of Windows versions below Windows 10 do need to reboot, but they do at least still have the same autonomy over the update process as non-Windows users.
By updating your operating system regularly, it reduces the number of entry points through which an intruder can gain access to your computer.
Application updates
Updating your applications is done for a similar reason, but normally you have full autonomy over application updates regardless of which operating system you’re using.
Some good news is that since Windows 7, system restarts following application updates are rarely required. If an application does need a system restart, this alerts you to the possibility that it may be accessing system level resources, and that ought to be enough to motivate you to research exactly what’s going on there.
If you can’t find the answer easily online, it’s good security practice to contact the developer of the application and ask what system level resources are affected by updating the application. If the developer can’t or won’t tell you, it’s a possible red flag that the application could be some kind of malware.
Updating your applications should not be confused with upgrading them. An update fixes problems with the version of the application you currently have. An upgrade replaces the existing version with an entirely new version.
It may seem that an upgrade is always going to be better than an update, but this is not necessarily so. These are the reasons why:
- The version of the software you are currently using may have been around for quite a long time and may have a large user base. Most of the potential vulnerabilities in the software have probably been discovered and patched. A new version may contain many vulnerabilities that have yet to be discovered.
- A new version of the software potentially may not be compatible with other components of your system.
- Support for the new version of the application will often not be as mature as support for the older version. This is because almost every kind of problem that could arise in the old version has already been handled by the support staff multiple times. With a new version, you may be bringing a problem to them that has never been encountered before.
- Staff may require additional training in order to use the new version of the software effectively.
However there are also many good reasons to upgrade:
- Upgrading means you have access to all the most recent features of the software, which may include additional features (but do ask yourself if you will be likely to use those features before you spend money to buy them).
- Upgraded versions are sometimes more efficient than the previous versions. This is not always true, however. Sometimes new versions of software will require more resources than older versions, and some of the resource requirements could exceed the limits of what your system is able to provide.
Because there are both positive and negative aspects to upgrading, those businesses that can afford the luxury usually keep a separate computer system purely for testing software upgrades. Once it is established that an upgrade has no obvious negative effects, it is approved for adding to the wider business system.
Antivirus
There is a lot of confusion about viruses. A virus is a malicious program that self-replicates, attempts to spread, and usually has some specific undesirable effect. Other types of threats include malware, ransomware, and rootkits. These other types of threats can’t properly be described as viruses unless they self-replicate and attempt to spread.
You need to be vigilant against these kinds of attacks and many more. The number one weapon in your defensive tool kit is antivirus software. No matter which operating system you use, unless it is a read-only operating system, you should consider it to be vulnerable.
Some operating systems are more vulnerable than others, but this should not lead to a false sense of security.
A good antivirus application will also scan for malware, ransomware, and rootkits. You can also get independent applications that specialize in each specific type of threat.
Simply having antivirus software installed won’t be enough to completely protect your system. You still need to employ every other kind of safeguard possible, the most important of which is a strong firewall that denies outbound connections for most of the applications on your system.
Only where it is known that an application must have outbound access to function, and for a good reason, should that application be granted the ability to send data from your computer.
