The following guides are intended to give you some tips on what sort of features you should be looking to set up in terms of firewalls, antivirus etc. They are not step-by-step guides, but more general concepts for a good set up.
When your system has been compromised it is vital to attempt to remove the infection as soon as possible. Under no circumstances should the compromised machine be used to access any confidential information until it has been confirmed as being free of risk. Otherwise it is likely someone will get access to your information.
It is best to approach the issue in a manner similar to the following:
If you don't feel confident in handling any of the above yourself, a skilled computer technician should be able to assist you with recovering your system.
With any firewall in a home environment you want them to generally allow all traffic to flow within your local network. This allows your home computers to function in your home environment.
Many modern firewall programs support multiple profiles and as a result support a more limited profile for public networks such as wireless hotspots, or non trusted networks. This allows one to keep settings for work, home and travel separate and without conflict.
When it comes to traffic from outside your local network, such as from the Internet, it is best to limit this to what is needed and no more. In most cases all you need are email, web browsing and any particular software you might use that requires direct outbound access.
Alternatively you may wish to allow everything to leave and only replies to sent out traffic to enter. This 'stateful' approach will limit traffic to only what applications you opt to have send traffic out (such as games or web browsers), and provides generally good protection.
Most antivirus programs set themselves up securely by default, and don't need to be touched beyond minor tweaking.
However not all do, especially those that are part of complex internet security suites, so here are some key features to ensure are enabled. Keep in mind some free or limited versions may lack these features, so an up-to-date antivirus suite supported via subscription is best.
All good anti-virus programs contain resident or background scanners that scan every file activity to occur on your system. This is designed to ensure that infections can be stopped as they begin.
Ensure that resident scanners are enabled.
Opt for quarantine over outright deletion of files that cannot be 'healed'. That way you can save any vital documents that have been either falsely accused or you require, even if they are infected. For more specific information refer to your antivirus documentation.
An email scanner is useful feature many anti-virus packages include. They scan POP3 inbound and SMTP outbound unencrypted email when they detect incoming or outgoing email.
Ensured these are configured correctly. There are occasions where it may need to be disabled, such as very slow connections where issues result due to the extreme times to send the email. This should only be considered when absolutely required, as it does add risk of infested emails from passing through unchecked.
Regular full system scans are much more in-depth then the resident scanners and as such can catch what is missed by the resident scanner. Generally a weekly or daily scan recommended, especially if your PC is typically switched on for long periods. It is best to have it run when you are not using the computer so it does not impact your use.
Oddly enough, switching off your PC when not in use can offer some level of virus protection against zero day exploits.
Additionally, set the behaviors of what the scanner will do upon detection, so it will not impact too much on your general use, and be as seamless as possible.
Having the antivirus automatically update means it is an even simpler process for your usage. Most antivirus programs include a default update schedule, however it is generally set for an update in the early hours when the computer is likely to be off. This means it either fails to run or runs on the next computer start up.
By default most automatic update functions update at most once per day. Many allow for multiple hourly checks for updates and this is recommended.
For those concerned about the security of what they receive and send in email, Internode provide secure-mail. Secure-mail is encrypted between your machine and our mail server. As a result it is safe from prying eyes for this portion of the journey.
If you wish to configure secure-mail to keep your private emails confidential you can use our secure-mail guides to assist you.
There are several good sources all around the Internet that can and will help you with online security.
Both Stay Smart Online and Cybersmart have excellent online guides to explain the basic concepts to children and adults in a fun and interesting manner. A great way to get kids to understand how and why it is important to stay safe online.