Remote Support - Internet Outage Detector - Articles - Billing - Github - Testing - Contact

How secure am I?

 

Computer Security. Can't live with it, can't live without it. What is your Computer Security Grade?

 

Grade D - You do all work and play in a single windows account that has admin rights, and you don't understand the importance of UAC, or don't know what UAC is, and don't use SRP.

Grade C - You work, play, email, and search the internet in a single windows account that has admin rights, and you understand and use UAC, but don't use SRP.

Grade B - You have separate accounts for Work and Play, the Play account doesn't have admin rights and doesn't contain sensitive data, and you never use the Work account to do facebook or email or search the internet (as with google). But - the computer would allow it. You know your own admin password and you understand the importance of UAC.

Grade B - You can also earn Grade B if you use SRP (Software Restriction Policies) and have the ability to adjust your own whitelist. It doesn't matter if you search the internet or do email or facebook or risky websites under a single username.

Grade A - You have separate accounts for Work and Play, and the computer doesn't allow you to do facebook, email, or search the internet using the Work account. You use the Play account for email and full internet access. You don't know your own admin password, only your "office guru" does. Your Work account also has a good password and you are the only person who knows it.

Grade A - You use SRP (Software Restriction Policies) and don't have permissions to modify your own whitelist, only your "office guru" does. It doesn't matter if you search the internet or do email or facebook or risky websites under a single username.

 

Notice that whether or not you use antivirus software doesn't make a big enough difference to affect which category you fall into here.

 

  Security Grade
  A B C D
You will probably need to pay a tech a lot of money to reinstall windows periodically NO NO NO YES
Hackers could periodically steal your passwords and data, even if you always click NO on UAC NO NO YES YES
Hackers could eventually obtain the ability to modify, delete and encrypt your data with malware like cryptolocker, even if you always click NO on UAC NO NO YES YES

If a hacker tricks you into following their commands, or you somehow become possessed or turn evil, you could give hackers control of your computer allowing them to steal, modify, delete, and encrypt your company's sensitive data

NO YES YES YES

 

The categories above do not cover the scenario where an attacker steals your computer, or has physical access to it. However, you can easily protect your computers from these attacks by using full disk encryption software such as Veracrypt, and not leaving your computer logged in when you leave it.

THE PROBLEM with Grade A security is inconvenience. The more secure a system is, the less convenient it is. It can get so inconvenient that users get frustrated just trying to use the computer. If you don't have sensitive data, I don't recommend you put yourself thru the trouble of dealing with Grade A security.

For most computers, I recommend having a passworded admin account, but using a single non-admin account for working and playing, and using SRP (Software Restriction Policies).

What concerns me is that MOST companies (not only in Camden, but in the U.S.) use grade D security, which exposes sensitive data, and allows mischief to happen like the iCloud celebrity nude photo incident, the Target and Home Depot, the Ashley Madison affair website hack, cryptolocker attacks, countless identity thefts, countless email, twitter, and facebook account hacks, countless credit card number thefts, cyberwar, the 2014 Russian attack on the White House, the Mt Gox Bitcoin theft, Sony's devastating hacks that left them no choice but to revert to typewriters and pay an incomprehensible amount of money to fix, the Anthem medical data breach, and so on. These are all well-known hacks that got publicity but hacks happen ALL THE TIME to residential users and small businesses that you never hear about.

NONE of these hacks would have been possible had these companies been using the Grade A security technique. This technique doesn't even require purchasing any extra security software - it's all built into Windows already. However, using this security would cause a considerable decrease in employee productivity. Is it worth it?