Note: If you suspect that you are infected, this isn’t the post for you. This is a post about being proactive.
The following are things that should not be scheduled, they should be done automatically, or whenever possible, with highest frequency.
1) Insure that you have anti-virus and anti-malware protection of some sort on your computer and that they are updated automatically. If an automatic update is not available for the free version of the software package you are using, then every time you turn that computer on, the first thing you should do is check for updates.
2) Insure that your computers OS is updated automatically and check for optional updates. Sometimes optional updates are really not optional. The are just put on hold because of their size. You need to schedule time for and activate these large updates at your earliest convenience.
Weekly Security Maintenance:
1) Although not actually a security step, having a good backup will save you when everything goes awry. Depending on the value of your data and the amount of use your system has, you may want to do this more frequently than once a week. For the average user, backing up once a week should be sufficient. There are systems (e.g. WD My Cloud and other Western Digital products) that will perform a continuous backup. That is, whenever a file is edited, it is automatically backed up. Some offer file versioning. I use a continuous offline backup with versioning. CryptoLocker is an example of a malicious program that will encrypt all your files on network shares, attached drives and on the local computer. So having an offline-backup is critical in defense of ransom-ware like CryptoLocker.
2) Force a “check for updates,” “apt-get update && apt-get upgrade,” or whatever update schema you use, force a check and apply updates manually.
- For Microsoft systems, check the update installation history and look for failed updates. These need to be addressed manually. By each Microsoft update, there will be a “KB” number. Copy this number and look on http://www.microsoft.com/en-us/download/default.aspx website to find how to install the broken update manually and do it. If you can’t get the update to install by following the instructions, ask for help.
- For Linux distributions (Ubuntu, Debian, Red Hat, CentOS, Fedora, etc.) use your favorite method of applying updates. Don’t forget to apply distribution-level updates as well. And reboot. I know, you shouldn’t need to reboot, but do it anyway.
3) Force an update then execute a full scan first on your anti-malware/spyware then with your anti-virus system. Delete the files/cookies as determined by your system. If you wish, you can delete your temporary internet files.
Monthly Maintenance
1) Scandisk or “chkdsk c: /f” (for you DOS guys). I’m not to fond of defragging as the thought of physically relocating my data on a disk for aesthetic reasons repulses me. There is a debate on whether a modern hard drive with a modern filesystem needs to be defragged or not. However, error-checking should be accomplished at-least monthly and will help keep your system running clean.
2) If you are using Firefox, Chrome or some other 3rd-party browser, force a check for an update/upgrade and apply. Make sure this happens correctly. You may have to go to the browser’s website, download and reinstall manually.
3) Check for updates to your browser plugins. Many do this automatically, but it doesn’t hurt to check the status of them. Technology is great when it works, but when it doesn’t, things go bad, real fast. There was a recent combined Adobe Flash/IE/Kernel hack publicized, before a patch was released. It was such a great threat, that Microsoft actually released a patch for Windows XP, which they had discontinued support for.
4) Disable browser plugins that you don’t recognize or use.
There are many things that one can do to increase the security posture of one’s computer system. This article is just addressing those things that should be done on a routine basis. Finally, if you are using a system that is no longer supported by the publisher or manufacturer, ditch it and get a supported system.