Happy Trails Computer Club

home > security > overview > defense  
Multi-Layer Defense

Concept

Perimeter Defense: The best way to keep hackers and malicious computer code at bay is to set up a perimeter defense. Keep your system up to date, install a firewall, and use your common sense to avoid menaces from the Internet, especially those that arrive by email. One thing to keep in mind: When someone else has access to your computer, you may not have much of a perimeter defense. A perimeter defense can't protect a vulnerable (that's not venerable) user either.

Internal Defense: Neutralize anything dangerous that does get past your perimeter. Use antivirus software, and keep your antivirus signatures up to date. Traditional antivirus programs do not do well on worms (yet), so it's good to augment them with at least an anti-malware program. Backups are your last-ditch defense. Make backups of everything you consider irreplaceable, and keep them up to date.

Analogy: Our gated perimeter at Happy Trails gives us a nice sense of security. Unfortunately, a few residents have learned the hard way that that's not enough. After hearing about a few incidents, I now keep my doors and shed locked at night to provide some internal defense. You need to maintain some caution here too. In fact one resident lost her life through deception.

Pick your plan

Level-1: A basic plan that offers tolerable protection for moderate online activity -- reading email and visiting well known Web sites. Computer users with average experience should be able to implement and manage this plan easily. Beginners may need some help.

Level-2: The average user will have adequate protection with this plan. It also adds the dimension of privacy protection. You need a little more than average experience or determination to implement and manage this plan.

Level-3: For the user who wants or needs the best security and privacy that reasonable effort can provide. You will need intermediate-to-advanced computing skills to implement and use this plan.

If you're looking for solid "click-it-and-forget-it" security you may feel let down by these plans. First the bad news: there's no such thing. The good news? The "Level-2" plan comes close, but it's certainly not click-and-forget. You will need to keep some things up to date -- your virus and malware reference files, for example -- if your want your security to remain effective.

Implement your defense plan

Don't be in too much of a rush. Some of your defense measures are going to cause your machine to work differently. You won't know what caused a problem if you make a bunch of changes all at once. You probably already have some measures in place already. Start with the elements that are highlighted in yellow. There is no particular order that is best for the other elements.

Test your defenses

There are lots of free tests online that you can use these days. It's worse to have a defective defense than to have no defense at all. With your false sense of security you're bound to stumble into a trap.

Resources

The "Single-Layer Defense" Fallacy: A still timely discussion of multi-layer defenses.

"A paranoid is someone who knows a little of what's going on." -- William S. Burroughs
club stuff
help
topics
computers
software
hardware
internet
security
overview
   lost? > index
attack vectors
   attachments
   deception
   email
   hackers
   web sites
   worms
defenses
   #  2  3
safe settings
   system
   browser
   email client
safe practices
   patching
   email
   attachments
   surfing
   file handling
defense tools
   malware
   antivirus
   anti-trojan
   firewalls
defense tests
privacy
resources