Tuesday, November 22, 2011

Squirrels In The Attic

Wandering around the backyard the other day, I happen to notice this rather large hole in the soffit of the upper roof of my house. It appeared as if the wood, perhaps rain soaked, had sagged creating a triangular opening. There is no telling how long it had been like that.

Even after hearing some scratching sounds outside the window of my home office, I didn't really give it much thought. The home office is at the opposite end of the house from the hole. But when my wife remarked one morning that there was some noise coming from the ceiling above our bedroom I figured out we must have squirrels in the attic. Sure enough, now that I am aware, I caught sight of a squirrel runnig up the side of the house, across the lower roof and presumably into the hole.

These furry rats may have been using that hole and living in the attic for some time. We might never have noticed but for the fact that I now work mostly out of my home office. Being in the house on the second floor allowed me to observe their coming and going.

So it is with computer security issues. We have "holes" in our systems that we may never notice. Systems are left running all the time and when we are not around a gray, fuzzy-tailed malware will take advantage of the opening and make itself at home. Left unattended, our home computers, office computers and servers can house these critters for months, providing them a safe base of operation from which they can go out and harvest information. We might notice the occasional scratching sound such as sluggish performance, unusual levels of network traffic or spurious error messages, but unless we are vigilant, fuzzy may get on with its work undetected.

In the business environment, there are plenty of professional tools and techniques which can be very effective in defending against and detecting unwanted system squatters. But at home, there are a hand full of things one should do to avoid this problem.

First, make sure you regularly apply the operating system (Windows, IOS, Linux) updates, particularly those which relate to plugging known security holes. The same is true of applications software such as Micorsoft Office, Adobe and the various internet browsers you may use. These updates or patches are like little boards nailed over the holes, preventing anything from squeezing through.

Next pay close attention to any messages that pop up asking for permissions or rights to access or control over your computer, suggesting you download or execute some program. Read the messages carefully, and if you are not sure what it means, copy it down, click no or exit out somehow and ask someone who will know.

Make sure you have anti virus software running all the time with automatic updates enabled. There are certainly a few good ones that are free, but you may want to spend a little for a commercial grade product. If it avoids even one disaster it will have paid for itself several times over.

Never leave your computer unattended in a public place and be sure to use a complex password, one that is easy for you to remember but hard for anyone else to discover. Best practice would suggest you have a separate administrator account to maintenance of your computer. In this way, you restrict privileged operations from your normal, daily use account.

Finally, if you are not using your computer, turn it off. It's not only green (saving energy) but also safe. No one can crack into a computer when it is powered off. Malware, no matter how clever, can't do anything either.

Captain Joe

Follow me on Twitter @JPuglisiLLC