Answer:-
iam discussing for pc security.the steps shoudl be flollwed as
below.
Describe the steps you plan to go through to ensure this new
computer system remains as secure as possible.
The following are important steps you should consider to make
your computer more secure. While no individual step will eliminate
all risk, when used together, these defense-in-depth practices will
strengthen your computer’s security and help minimize threats.
- Secure your router. When you connect a
computer to the internet, it’s also connected to millions of other
computers—a connection that could allow attackers access to your
computer. Although cable modems, digital subscriber lines (DSLs),
and internet service providers (ISPs) have some level of security
monitoring, it’s crucial to secure your router—the first securable
device that receives information from the internet. Be sure to
secure it before you connect to the internet to strengthen your
computer’s security. (See Securing Your Home Network for more
information.)
- Enable and configure your firewall. A firewall
is a device that controls the flow of information between your
computer and the internet. Most modern operating systems (OSs)
include a software firewall. The majority of home routers also have
a built-in firewall. Refer to your router’s user guide for
instructions on how to enable your firewall and configure the
security settings. Set a strong password to protect your firewall
against unwanted changes. (See Understanding Firewalls.)
- Install and use antivirus software. Installing
an antivirus software program and keeping it up-to-date is a
critical step in protecting your computer. Many types of antivirus
software can detect the presence of malware by searching for
patterns in your computer’s files or memory. Antivirus software
uses signatures provided by software vendors to identify malware.
Vendors frequently create new signatures to ensure their software
is effective against newly discovered malware. Many antivirus
programs offer automatic updating. If your program has automatic
updates, enable them so your software always has the most current
signatures. If automatic updates aren’t offered, be sure to install
the software from a reputable source, such as the vendor’s website.
(See Understanding Anti-Virus Software.)
- Remove unnecessary software. Intruders can
attack your computer by exploiting software vulnerabilities, so the
fewer software programs you have installed, the fewer avenues there
are for potential attack. Review the software installed on your
computer. If you don’t know what a software program does, research
the program to determine whether or not the program is necessary.
Remove any software you feel isn’t necessary after confirming it’s
safe to remove. Back up important files and data before removing
unnecessary software to prevent accidentally removing programs that
turn out to be essential to your OS. If possible, locate the
installation media (e.g., CD) for the software in case you need to
reinstall it.
- Modify unnecessary default features. Like
removing unnecessary software, modifying or deleting unnecessary
default features reduces attackers’ opportunities. Review the
features that are enabled by default on your computer, and disable
or customize those you don’t need or don’t plan on using. As with
removing unnecessary software, be sure to research features before
modifying or disabling them.
- Operate under the principle of least
privilege. In most instances of malware infection, the
malware can operate only using the privileges of the logged-in
user. To minimize the impact of a malware infection, consider using
a standard or restricted user account (i.e., a non-administrator
account) for day-to-day activities. Only log in with an
administrator account—which has full operating privileges on the
system—when you need to install or remove software or change your
computer’s system settings.
- Secure your web browser. When you first
install a web browser on a new computer, it will not usually have
secure settings by default, you will need to adjust your browser’s
security settings manually. Securing your browser is another
critical step in improving your computer’s security by reducing
attacks that take advantage of unsecured web browsers. (See
Securing Your Web Browser.)
- Apply software updates and enable automatic
updates. Most software vendors release updates to patch or
fix vulnerabilities, flaws, and weaknesses (bugs) in their
software. Intruders can exploit these vulnerabilities to attack
your computer. Keeping your software updated helps prevent these
types of infections. (See Understanding Patches and Software
Updates.) When setting up a new computer, go to your software
vendors’ websites to check for and install all available updates.
Many OSs and software programs have options for automatic updates.
Enable automatic updates if they are offered; doing so will ensure
your software is always updated, and you won’t have to remember to
do it yourself. Only download software updates directly from a
vendor’s website, from a reputable source, or through automatic
updates.
- Create strong passwords. Use the strongest,
longest password or passphrase permitted. Don’t use passwords that
attackers can easily guess, like your birthday or your child’s
name. Attackers can use software to conduct dictionary attacks,
which try common words that may be used as passwords. They also
conduct brute force attacks, which are random password attempts
that run until one is successful. When setting security
verification questions, choose questions and answers for which an
internet search would not easily yield the correct answer (e.g.,
your pet’s name). (See Choosing and Protecting Passwords.)
what you envision to do to ensure your online banking site is
encrypted and uses the proper certificates.
Each type and variant of banking Trojans may operate differently
to infiltrate the victim’s online banking account. Some may lead
the victim to a fake login website, thereby stealing their login
credentials and logging in to the real website simultaneously;
while others may initiate a fund transfer without the victim’s
knowledge. No matter what form the banking Trojans take, their
common objective is to steal money from the victim’s bank
account.
Protect your bank account details
To avoid becoming a victim of these cyber threats, keep your
confidential information well protected. The password that you use
to log in to your bank account should be unique from the passwords
for your other online accounts. Do not share your passwords with
others. Refrain from divulging personal information such as your
date of birth on the Internet as it may be used by the bank to
verifying your identity.
Beware of social engineering tactics
Banks will never use channels such as email to request for your
banking details. If you receive such emails that appear to be from
your bank, you should report it to your bank immediately instead of
replying or clicking on links in the e-mail.
Familiarise yourself with the bank’s security measures
To prevent yourself from accessing a fraudulent banking website,
familiarise yourself with the bank's security measures. Banks will
usually send advisories to their clients if they intend to change
their security measure, such change would not be done overnight. If
you find that the website’s authentication process is different
from your previous experience, refrain from entering your login
details. Check the website’s authenticity before proceeding
further. Here are some steps that you may take:
- Confirm that the URL of the website in the address bar is the
same as your bank’s
- Confirm the SSL certificate of the website is issued to your
bank by a trusted certifying authority and within the validity
period
- Compare the website’s authentication process when accessed from
another device (in case your computer has been infected by a
banking Trojan)
When in doubt, check with your bank.
Practise safe surfing habits
Refrain from accessing your banking website on a public or
shared computer, you never know if the information you entered are
being tracked. Even if you are accessing the banking website on
your own computer, always log off and clear the cache on your
browser to remove transaction records. Also refrain from surfing
suspicious websites as malicious software may be installed without
your knowledge.
Check your bank account transactions regularly
Hackers (of the criminal variety) are a scary bunch—whether
working as part of an organized unit or an idealist with a
political agenda, they’ve got the knowledge and the power to access
your most precious data. If hackers want to target a particular
company, for example, they can find vast amounts of information on
that company just by searching the web. They can then use that info
to exploit weaknesses in the company’s security, which in turn puts
the data you’ve entrusted to that company in jeopardy.
Think of your home computer as a company. What can you do to
protect it against cybercriminals? Instead of sitting back and
waiting to get infected, why not arm yourself and fight back?
Bad guys, beware. We’ve got 10 ways to beat you.
- Update your OS and other software frequently, if not
automatically. This keeps hackers from accessing your computer
through vulnerabilities in outdated programs (which can be
exploited by malware). For extra protection, enable Microsoft
product updates so that the Office Suite will be updated at the
same time. Consider retiring particularly susceptible software such
as Java or Flash, especially as many sites and services continue to
move away from them.
- Download up-to-date security programs, including anti-malware
software with multiple technologies for protecting against spyware,
ransomware, and exploits, as well as a firewall, if your OS didn’t
come pre-packaged with it. (You’ll want to check if your OS has
both firewall and antivirus built in and enabled by default, and
whether those programs are compatible with additional cybersecurity
software.)
- Destroy all traces of your personal info on hardware you plan
on selling. Consider using d-ban to erase your hard drive. For
those looking to pillage your recycled devices, this makes
information much more difficult to recover. If the information
you’d like to protect is critical enough, removing the platters
where the information is stored then destroying them is the way to
go.
- Do not use open Wi-Fi on your router; it makes it too easy for
threat actors to steal your connection and download illegal files.
Protect your Wi-Fi with an encrypted password, and consider
refreshing your equipment every few years. Some routers have
vulnerabilities that are never patched. Newer routers allow you to
provide guests with segregated wireless access. Plus, they make
frequent password changes easier.
- Speaking of passwords: password protect all of your devices,
including your desktop, laptop, phone, smartwatch, tablet, camera,
lawnmower…you get the idea. The ubiquity of mobile devices makes
them especially vulnerable. Lock your phone and make the timeout
fairly short. Use fingerprint lock for the iPhone and passkey or
swipe for Android. “It’s easy to forget that mobile devices are
essentially small computers that just happen to fit in your pocket
and can be used as a phone,” says Jean-Philippe Taggart, Senior
Security Researcher at Malwarebytes. “Your mobile device contains a
veritable treasure trove of personal information and, once
unlocked, can lead to devastating consequences.”
- Sensing a pattern here? Create difficult passwords, and never
use the same ones across multiple services. If that’s as painful as
a stake to a vampire’s heart, use a password manager like LastPass
or 1Password. For extra hacker protection, ask about two-step
authentication. Several services have only recently started to
offer 2FA, and they require the user to initiate the process. Trust
us, the extra friction is worth it. Two-factor authentication makes
taking over an account that much more difficult, and on the flip
side, much easier to reclaim should the worst happen.
- Come up with creative answers for your security questions.
People can now figure out your mother’s maiden name or where you
graduated from high school with a simple Google search. Consider
answering like a crazy person. If Bank of America asks, “What was
the name of your first boyfriend/girlfriend?” reply, “Your mom.”
Just don’t forget that’s how you answered when they ask you
again.
- Practice smart emailing. Phishing campaigns still exist, but
cybercriminals have become much cleverer than that Nigerian prince
who needs your money. Hover over links to see their actual URLs (as
opposed to just seeing words in hyperlink text). Also, check to see
if the email is really from the person or company claiming to have
sent it. If you’re not sure, pay attention to awkward sentence
construction and formatting. If something still seems fishy, do a
quick search on the Internet for the subject line. Others may have
been scammed and posted about it online.
- Some websites will ask you to sign in with a specific service
to access features or post a comment. Ensure the login option isn’t
a sneaky phish, and if you’re giving permission to an app to
perform a task, ensure you know how to revoke access once you no
longer need it. Old, abandoned connections from service to service
are an easy way to see your main account compromised by spam.
- Keep sensitive data off the cloud. “No matter which way you cut
it, data stored on the cloud doesn’t belong to you,” says Taggart.
“There are very few cloud storage solutions that offer encryption
for ‘data at rest.’ Use the cloud accordingly. If it’s important,
don’t.”
While most banks allow their clients to set financial limits for
online transactions, cyber criminals may make multiple small value
fund transfers to work around these limits. As a precautionary
measure, check your bank account transactions regularly for any
unauthorised transactions.
Online banking has brought about ease and convenience for us.
However, you should always be cautious of the perils of the
Internet.
Discussion of operating system patches and application updates
should also be included.
1. Software updates do a lot of things
Software updates offer plenty of benefits. It’s all about
revisions. These might include repairing security holes that have
been discovered and fixing or removing computer bugs. Updates can
add new features to your devices and remove outdated ones.
While you’re at it, it’s a good idea to make sure your operating
system is running the latest version.
2. Updates help patch security flaws
Hackers love security flaws, also known as software
vulnerabilities. A software vulnerability is a security hole or
weakness found in a software program or operating system. Hackers
can take advantage of the weakness by writing code to target the
vulnerability. The code is packaged into malware — short for
malicious software.
An exploit sometimes can infect your computer with no action on
your part other than viewing a rogue website, opening a compromised
message, or playing infected media.
What happens next? The malware can steal data saved on your
device or allow the attacker to gain control over your computer and
encrypt your files.
Software updates often include software patches. They cover the
security holes to keep hackers out.
3. Software updates help protect your data
You probably keep a lot of documents and personal information on
your devices. Your personally identifiable information — from
emails to bank account information — is valuable to
cybercriminals.
They can use it to commit crimes in your name or sell it on the
dark web to enable others to commit crimes. If it’s a ransomware
attack, they might encrypt your data. You might have to pay a
ransom for an encryption key to get it back. Or, worse, you might
pay a ransom and not get it back.
Updating your software and operating systems helps keep hackers
out.