Whether you are operating a home system, overseeing a small startup, or performing security governance for an enterprise, everyone can benefit from paying attention to security. This white paper provides a list of 10 security tools and tests that will help you check out suspicious issues and keep ahead of new risks and threats.
By now, you should be aware that security management is essential for everyone. Whether you are operating a home system, overseeing a small startup, or performing security governance for an enterprise, everyone can benefit from paying more attention to security. Without going into great detail, here are the basics of personal technology security:
- Always operate your computer as a regular user account, rather than an administrator.
- Have a firewall on every system.
- Keep your anti-malware and anti-spyware scanners up to date.
- Avoid risky activities, such as opening attachments and downloading files from unknown sources.
I assume that you have already addressed these concerns and want to know the next steps in the pursuit of a more secure computing system. To that end, I'm sharing a list of 10 security tools or security tests that everyone should know how to use. These are products and services that will assist you confirm that your security is robust, check out suspicious issues, and keep ahead of new risks and threats.
Note: Most of the tools I recommend are Windows only. If you know of Mac or Linux solutions that offer similar functionality please send me a message. Also, most of the items I list are free. Some have paid versions you might consider if you discover the free version is indispensable.
Once a system has been updated, configured, and otherwise “secured,” the next step is to test and evaluate the established security. There are a wide range of security scanners and vulnerability assessment tools available. One of the best is Tenable's Nessus. For personal use, Nessus Home is free to use to scan up to 16 systems. Nessus Home offers a thorough security scanner, which assesses configurations, patches, malware, mobile devices, and more. The commercial version of Nessus is suitable for scanning enterprise networks. The Nessus Home product is just as robust, but not overly complex. The scan reports from Nessus are amazingly detailed. By following up on each issue discovered by Nessus Home, you are sure to improve your overall security stance.
To check out Nessus Home for yourself, visit: http://www.tenable.com/products/nessus-home
Everyone encounters suspicious files from time to time. Files from unknown sources could be infected by malware. There are a number of online virus scanning services, of which VirusTotal is one of the best. To quote their own description: “VirusTotal, a subsidiary of Google, is a free online service that analyzes files and URLs enabling the identification of viruses, worms, trojans and other kinds of malicious content detected by antivirus engines and website scanners.”
VirusTotal maintains over 50 malware and spyware scanners which you can use to check out files. You can either upload a file from your local system or provide a URL to a questionable file. In either case, VirusTotal will perform a real-time scan of the suspect file and provide you with the results. You can use this free online service to keep your infection risk low. Since only a single real-time scanner can be run on your own local machine, having 50+ malware scanners available for use is an invaluable asset. The range of different detection engines, scanning features, and custom definition databases amongst the wide range of anti-malware products can be brought to bear without having to maintain dozens of separate systems yourself.
If you have a file that you think might be infected, toss it up to https://www.virustotal.com/.