Protect My Computer

There are three key steps that can help protect your computer (be it a desktop, laptop, tablet, smartphone or something else) from most common threats, regardless of the brand, model or operating system. Once you have completed the three key steps, there are some extra measures you can take to add even more security.

  1. Apply Patches
  2. Install and Update Antivirus Software
  3. Backup Your Computer and Data
  4. Go the Extra Mile
  5. Apple MacOS: Keep your Mac up to date
  6. Microsoft Windows: Update Windows
1. APPLY PATCHES

The authors, developers, and vendors of your devices operating system (OS) and all the software you run frequently discover and fix security vulnerabilities and bugs that impact the functionality. Attackers will often ‘reverse engineer' software patches to discover these bugs and learn how to compromise devuces using that software. Therefore, it is very important to promptly install all patches and updates and narrow the window of time that your device is vulnerable to these bugs. Make sure to periodically reboot your device (rather than just closing the lid on a laptop to put it to sleep) to help it install and apply updates.

To start with: enable automatic updates for your operating system:

Next, update all of the applications you have installed. If you installed them from the operating system's app store, you have one place to go, and you can configure your app store to automatically apply updates. For these reasons, and because the vendors usually have security and privacy standards for their app stores, it is preferable to install your apps from the app store rather than manually downloading and installing the applications. For any applications that you manually installed, you will need to consult the documentation for each app to learn how to check for updates. Usually there is a menu option to do so. It is good practice to check for application updates at least once per month.

GRC-owned computers should be managed by GRC IT staff, who are responsible for patching and updating your computer. If you notice that your GRC-owned computer is not up to date, please contact your IT helpdesk.

2. INSTALL AND UPDATE ANTIVIRUS SOFTWARE

Computer viruses are code that attack your device and frequently corrupt or delete your data, install malware, or steal your personal information like your banking passwords so that they can empty your accounts. Viruses usually have some mechanism to spread between devices, often taking advantage of vulnerabilities in software or operating systems or pretending to be legitimate software so that you will choose to install it.

The nature of computer viruses is rapidly evolving, and many new viruses are released into the world every day by cyber-criminals. The good news is that modern operating systems are much more secure than even a few years ago and include built-in protections against viruses. For example, Microsoft Windows includes a built-in feature called ‘Windows Defender' or ‘Windows Security', and Apple Mac includes a feature called ‘Gatekeeper'.

To be extra sure, you can install additional commercial or free antivirus software. There are too many vendors and products to make a strong recommendation, so do some research to find the best fit for you. To go the extra mile, see the section below on anti-malware software.

GRC-owned computers should have GRC-managed antivirus. Contact the IT helpdesk for help with your GRC installed antivirus software.

3. BACKUP YOUR COMPUTER AND DATA

The reason you have a computer is because of your data - the files you work with, such as classwork, the novel you are working on, or your taxes. There are many ways your files could become unusable - from something as unpredictable as your computer dying, getting lost or stolen - to intentional corruption by attackers with Ransomware (software that encrypts all your files and asks for payment to let you get them back).

There are two kinds of backups you should do:

Keep Extra Copies of Your Data Files

Extra copies of your files stored separately from your computer can help you out in case you accidentally delete or overwrite an important file, you just need quick access to a file when you don't have your computer, or could even help you recover all of your data if something drastic happens. You could make copies of your data files (such as your ‘My Documents' folder) onto an external drive for safekeeping, but an even better solution is to use a cloud-based file storage service. You install a small application which keeps a folder you select ‘in-sync' with the cloud storage. If you use multiple computers or devices, they can keep your files in sync between all of these devices, so you see the same set of files on each. They also offer sharing support, so that you can share files with collaborators, family or associates. The other benefit is that these services usually store copies of files that you update, overwrite or delete, so that you can easily pull back an old copy of a file in case you need the older version. This can be a lifesaver in case you get infected with ransomware! Because these files are synced to your computer, they will also get backed up in your computer backups (see below), providing an extra layer of protection. Just make sure you keep all of your important files in the cloud folder.

GRC accounts provide some cloud file storage in OneDrive, SharePoint, Teams, and Outlook at no cost for students, faculty and staff.

When using other cloud services with GRC data, be sure to be aware of what data types you are storing in the cloud, and who you are sharing with. GRC has very specific requirements for data sharing and it must go through the appropriate approval process first. Please contact your IT helpdesk before storing any GRC data in an alternate cloud solution.

Backup your entire computer

A backup of your entire computer is very helpful in cases in which your computer becomes entirely unusable (such as a failure or it is stolen), or if all of your data files are damaged (such as by ransomware). This will allow you to quickly recover your OS, your applications, configurations and settings, AND your data. Operating Systems have built-in utilities to backup to external drives. Buy an external drive that is 1.5-2x the size of your computer's hard drive (or SSD) to allow space to keep multiple copies of files that change over time. Plug this drive in when you make a backup, and then store it somewhere safely. You can also rotate between two external drives, with one of them safely stored somewhere else, such as a relative's house.

Another option is to use a cloud backup service. You pay a small monthly fee, install the backup software, and it constantly backs up changed files to cloud storage. This is an excellent option, because the backups are stored far away from your computer - minimizing the chance that both your computer and backup will be affected - and the backups happen automatically in the background, so you don't need to remember to run your backups or keep track of external drives. Look for a backup service that stores multiple versions of changed and deleted files. This way, if you only notice that a file is corrupt or missing sometime later, you can still recover it.

The Wirecutter review of cloud backup services is a good place to start when looking for a cloud-based backup solution.

Additional information is available in the article from Wirecutter on How to Back Up Your Computer.

The most important part of any backup is to test it! Try to restore files from your external drive or cloud backup and verify that everything works. You wouldn't want to get a bad surprise when you need it most.

4. GO THE EXTRA MILE

Once you've taken care of the three key steps, you can move on to more advanced steps that will add even greater security and privacy to your computing and online life.

Encrypt Your Hard Drive

If someone were to steal your laptop, portable drive, or other device, they have access to all of the data you have stored on it. This could include private, personal, or sometimes even embarrassing files. You can make it impossible for someone without your password to access your files by encrypting the entire drive. Both Microsoft Windows and Apple Mac support encrypting both the computer's internal drive as well as external drives. Fortunately, this is easy to do, and modern computers have been optimized for encryption so that it will have no noticeable performance impact. Be sure to select a strong password that is hard to guess, but easy for you to remember (see our Password guide). It is also a good idea to enable the operating system's password recovery feature, in which you can use an online service (Microsoft Account or iCloud) with extra security steps to recover your password.

GRC policy requires that all portable computing devices and storage media be fully encrypted. If your computer is managed by GRC IT staff, they should have already enabled encryption for laptops. Contact your IT helpdesk if you have any questions or need help with encryption of GRC computers and storage.

Run Anti-Malware Software

Malware is a more general term that refers to all sorts of unwanted software. Viruses are a category of malware, but malware can also include Ransomware, Spyware and Adware. Besides damaging your computer or data, malware can often lead to breaches of your private data or tracking of your online activity.

Most anti-virus software will stop some types of malware besides just viruses, but for the best protection, you can install dedicated anti-malware tools. You can refer to The Wirecutter guide, The Best Antivirus is not Traditional Antivirus for more information.