Defensive computing
Encyclopedia
Defensive computing is a form of practice for computer users to help reduce the risk of computing problems, by avoiding dangerous computing practices. The primary goal of this method of computing is to be able to anticipate and prepare for potentially problematic situations prior to their occurrence, despite any adverse conditions of a computer system or any mistakes made by other users. This can be achieved through adherence to a variety of general guidelines, as well as the practice of specific computing techniques.
Strategies for defensive computing could be divided into two categories, network security
and the backup
and restoration of data.
and other networks
. The use of either of these allows others to gain access to a user's system and important information. By implementing certain strategies, defensive users aim to reduce the risk associated with network access.
is a collection of security measures that protects a computer from harmful inbound and outbound traffic on the Internet and prevents the unauthorized access of computer systems. These security measures are integrated into the form of special software that runs autonomously either on individual computer systems, or externally through built in software within routers and modems.
Not all firewall software will protect computers from sending unauthorized or harmful outbound traffic.
An important defensive computing strategy is to seek and implement quality firewall software that filters both inbound and outbound traffic.
software.
Firewalls may not completely protect a computer. Malicious software may be able to get through a firewall and onto a system. Anti-Malware such as anti-virus, anti-phishing and email filtering software offer some protection against harmful software that reside within a computer. The amount of malicious software available over the Internet is steadily increasing. It is important for defensive users to use to anti-malware that is both effective and easily updated in order to combat new strains of malicious software that are developed.
Defensive users can scan files they download prior to opening them and can also configure their computers to show file extensions, revealing potentially dangerous files that appear harmless.
Skepticism can also be applied to the websites visited by users. As with emails, users can be lead to false advertisements. Also, malicious software can unknowingly be downloaded and infect a computer, just by visiting a certain website.
Strategies for defensive computing could be divided into two categories, network security
Network security
In the field of networking, the area of network security consists of the provisions and policies adopted by the network administrator to prevent and monitor unauthorized access, misuse, modification, or denial of the computer network and network-accessible resources...
and the backup
Backup
In information technology, a backup or the process of backing up is making copies of data which may be used to restore the original after a data loss event. The verb form is back up in two words, whereas the noun is backup....
and restoration of data.
Network security
Users put their computers at risk when accessing the InternetInternet
The Internet is a global system of interconnected computer networks that use the standard Internet protocol suite to serve billions of users worldwide...
and other networks
Computer network
A computer network, often simply referred to as a network, is a collection of hardware components and computers interconnected by communication channels that allow sharing of resources and information....
. The use of either of these allows others to gain access to a user's system and important information. By implementing certain strategies, defensive users aim to reduce the risk associated with network access.
Firewall
A firewallFirewall (computing)
A firewall is a device or set of devices designed to permit or deny network transmissions based upon a set of rules and is frequently used to protect networks from unauthorized access while permitting legitimate communications to pass....
is a collection of security measures that protects a computer from harmful inbound and outbound traffic on the Internet and prevents the unauthorized access of computer systems. These security measures are integrated into the form of special software that runs autonomously either on individual computer systems, or externally through built in software within routers and modems.
Not all firewall software will protect computers from sending unauthorized or harmful outbound traffic.
An important defensive computing strategy is to seek and implement quality firewall software that filters both inbound and outbound traffic.
Anti-malware software
A basic strategy for all defensive computer users is to install and use anti-malwareMalware
Malware, short for malicious software, consists of programming that is designed to disrupt or deny operation, gather information that leads to loss of privacy or exploitation, or gain unauthorized access to system resources, or that otherwise exhibits abusive behavior...
software.
Firewalls may not completely protect a computer. Malicious software may be able to get through a firewall and onto a system. Anti-Malware such as anti-virus, anti-phishing and email filtering software offer some protection against harmful software that reside within a computer. The amount of malicious software available over the Internet is steadily increasing. It is important for defensive users to use to anti-malware that is both effective and easily updated in order to combat new strains of malicious software that are developed.
Skepticism
An important aspect of defensive computing is for users to be skeptical of the data to which they have access via the Internet. Malicious software can exist in a multitude of different forms and many are misleading to general computer users and even some anti-malware software. Defensive users think critically about the information they can access, to reduce their chances of downloading and spreading malicious software. Strategies include scanning email attachments prior to opening them and manually filtering suspicious emails from inboxes. Users should be aware of persuasive subject lines and headings in emails from any address, as they may actually contain malicious software or spam, which can mislead users into false advertisement resulting in identity theft.Defensive users can scan files they download prior to opening them and can also configure their computers to show file extensions, revealing potentially dangerous files that appear harmless.
Skepticism can also be applied to the websites visited by users. As with emails, users can be lead to false advertisements. Also, malicious software can unknowingly be downloaded and infect a computer, just by visiting a certain website.
Backup and recovery procedures
Despite the efforts of a defensive computer user, the loss of important data can occur due to malware, power outages, equipment failure and general misuse. Although the loss of data cannot be completely prevented, defensive users can take steps to minimize the amount of data lost and restore systems to their previous state.Backup of files
A defensive strategy against unintentional data loss is the regular backup of important files. Users can make multiple copies of important data and store them either on the same computer or on another device such as a compact disc or an external hard drive. Users can also upload important files to the Internet, provided they have access to Internet storage services.Restoration
Some operating systems give users the option of performing a procedure that restores a computer to a predetermined state. If no option is available, a user can obtain the appropriate restoration software for their system. In the event of a system failure or a serious case of data loss, a user can restore any lost or changed files and remove any malicious files that did not previously exist.Good practices for protecting data
- Regularly backup important files, documents and emails.
- Do not use the administrator account for day-to-day activities.
- Keep software up-to-date with the latest versions.
- Keep antivirus and antispyware up-to-date with latest versions.
- Use different passwords
- Disable auto run feature from USB flash drives. Some viruses, specially wormsComputer wormA computer worm is a self-replicating malware computer program, which uses a computer network to send copies of itself to other nodes and it may do so without any user intervention. This is due to security shortcomings on the target computer. Unlike a computer virus, it does not need to attach...
, spread automatically through USB flash drives - Always connect to the Internet behind a firewall
See also
- Stopping e-mail abuseStopping e-mail abuseTo prevent e-mail spam , both end users and administrators of e-mail systems use various anti-spam techniques. Some of these techniques have been embedded in products, services and software to ease the burden on users and administrators...
- PhishingPhishingPhishing is a way of attempting to acquire information such as usernames, passwords, and credit card details by masquerading as a trustworthy entity in an electronic communication. Communications purporting to be from popular social web sites, auction sites, online payment processors or IT...
- Computer insecurityComputer insecurityComputer insecurity refers to the concept that a computer system is always vulnerable to attack, and that this fact creates a constant battle between those looking to improve security, and those looking to circumvent security.-Security and systems design:...
- End-user computingEnd-user computingIn computing, End User Computing refer to systems in which non-programmers can create working applications. EUC is a group of approaches to computing that aim at better integrating end users into the computing environment...
- Network securityNetwork securityIn the field of networking, the area of network security consists of the provisions and policies adopted by the network administrator to prevent and monitor unauthorized access, misuse, modification, or denial of the computer network and network-accessible resources...
- computer wormComputer wormA computer worm is a self-replicating malware computer program, which uses a computer network to send copies of itself to other nodes and it may do so without any user intervention. This is due to security shortcomings on the target computer. Unlike a computer virus, it does not need to attach...
- computer securityComputer securityComputer security is a branch of computer technology known as information security as applied to computers and networks. The objective of computer security includes protection of information and property from theft, corruption, or natural disaster, while allowing the information and property to...
External links
- Defensive Computing Blog by Michael Horowitz at ComputerWorld.com
- Defensive computing priorities by Michael Horowitz December 2009