CLLB Information Security Newsletter. March 2008 Volume 1, Issue 2.

CLLB Information Scurity Newsletter
March 2008 Volume 1, Issue 2
Annual Maintenance For Computers

From the Desk of David Badertscher

Perform Annual Maintenance in Conjunction With Daylight Savings Time Change

In addition to your routine security and maintenance processes, you should perform an annual PC “tune up” or maintenance to be sure that your computer is operating efficiently, that appropriate software updates and settings have been applied and to minimize the risk of losing your data. Performing your annual check up with the switch to Daylight Savings Time is a great way to develop an annual schedule. One important step to take before performing maintenance is to back up all your data, in case anything goes wrong during your maintenance.

System and Data Backups – Review, update and test your file backup process.

If you do not have a backup system, consider purchasing a portable back up hard drive.
Check your scheduled “backup” scheme to see if it is still applicable. Add folders and files to be backed up as necessary. Test the restore function for the backed up files to ensure the restore works properly. Create a folder on you computer and restore your back up to the folder. Afterwards, delete the test folder.

Firewall – Check firewall settings to check for a current licensed version and updates.

Review settings for product configurations. Confirm settings are appropriate for the current level of security needed. Review firewall settings to ensure they are configured for automatic updates (if available), known applications are allowed, known inappropriate sites are blocked and known port scans are blocked. Confirm that the firewall is updated and that the license is current (if applicable).

Internet Browser – Check your browser configuration to ensure you have appropriate secure zone settings.

Review current zone settings (Tools/Internet Options/Security tab) for appropriate levels. The minimum level of security should be the default level which is set at Medium-High for the Internet zone. Adjustments can be made based on your needs.Confirm “Automatic Update” settings for your browser are set properly (applied at least weekly or as available).

Anti-Virus, Anti-Spam, and Anti-Spyware – Check all products for current versions and updates.

Confirm “Automatic Update” settings are set properly (applied at least weekly or as available).Confirm that applicable updates have been applied and that you have current versions and updates for all products. You may need to visit the vendor site for details. Confirm that your software licenses are current (if applicable). Run complete virus and anti-spyware scans on all drives. This should be done on a weekly basis.

Other Computer Software – Update other frequently used software programs, especially those that interface with the Internet.

Some software programs have “Automatic Update” features, others do not. Check your software programs (media players, music players, Adobe, etc.) for updates and new software versions. Follow the instructions within each program for updating.

The recommendations below are designed for Windows XP Operating System (since this the most prevalent operating system) and thus some steps may be slightly different with other Windows operating systems.

Operating System – Check for updates and remove unneeded programs.

Confirm that the “Automatic Update” settings are set properly (applied at least weekly or as available). Confirm that Applicable updates (Critical, Important) have been applied to your operating system (Settings/Control Panel/Add or Remove Programs and click Show updates).
Remove old System Restore Points – Use Start/Control Panel/System/System Restore tab, check “Turn off System Restore” box to remove all restore points except the most recent.
Remove unneeded programs and “trial” programs. Go to Settings/Control Panel/Add or Remove Programs to uninstall a program.

Hard Disk Drive Maintenance – Ensure your hard disk is operating at peak efficiency.

Scan your Hard Disk for errors. In Windows Explorer select the drive then right click-Properties/Tools/Check Now/.

Check “Automatically fix file system errors” and “Scan for and attempt recovery of bad sectors.” Defragment your Hard Disk Drive. The data on your hard drive can get separated or fragmented and therefore makes your computer less efficient. Defragmenting physically reorganizing the data to store the pieces of each file close together for more efficient storage and retrieval. In Windows Explorer select the drive then right click-Properties/Tools/Defrag Now.
Remove old files and emails on your PC. Remember to empty the “Recycle Bin” or “Deleted Items” (Outlook) folders.

Clean up your disk to remove cookies, temp files, cache, and history files. Go to Start/Program/Accessories/System Tools/Disk Cleanup.

Additional resources for PC maintenance can be found at:

Microsoft PC Care Online
www.microsoft.com/athome/moredone/maintenance.mspx

Microsoft Backup Utility
http://support.microsoft.com/kb/308422/

For more cyber security monthly tips go to: www.msisac.org/awareness/news/

More News:

From SC Magazine Newswire March 4, 2008.

Fake Department of Justice complaint-spam strikes again Jim Carr March 03, 2008 “In what could presage a rash of tax-time spam emails purportedly from government agencies, security researchers at MX Logic have uncovered an influx of keylogger-laden emails spoofing the U.S. Department of Justice (DOJ). ”

Sourcefire offers weak outlook following rough fourth quarter “Dan Kaplan February 29, 2008 A dismal earnings forecast this week from intrusion prevention maker Sourcefire underscores some of the challenges facing public IT security companies, a pair of analysts said Friday.”

Report outs banks with most ID theft complaints Sue Marquette Poremba February 29, 2008 “Consumers, regulators, and businesses have no way to reliably assess the incidences and frequency of identity fraud at major financial institutions, a new study concludes.”

Survey: IT security employees in demand, but skills lack Sue Marquette Poremba February 28, 2008 “There is a wide gap between IT security skills that organizations need and the skills IT professionals bring to the job, according to a new survey by the Computing Technology Industry Association (CompTIA).”

From Government Computer News, March 7, 2008.

Biometrics accreditation planned “The Homeland Security Department has asked the National Institute of Standards and Technology to develop a Biometrics Laboratory Accreditation Program that would accredit laboratories to evaluate biometric ID systems.”

Contact Information