Tuesday, April 15, 2008

Latest Symantec Internet Security Threat Report

This is my first post on the Montana BiblioTechies blog. Thanks to all you MBTs for inviting me. I hope to be a good MBTT (Montana BiblioTechie Trainee). My angle is security and my inclination is toward Microsoft products. I run a completely Microsoft shop at MPL, although that is slowly changing with some MAC OS and soon some Linux flavors.

Every six months Symantec publishes a document called the Internet Security Threat Report. The report on the last six months of 2007 has recently been released. The short version, which I have linked to above, is 36 pages of geek-speak.

One of the leading interesting points is that attacks are increasingly going web-based. What does this mean? Haven't we always had to be careful about clicking on urls we get in email?

Yes, you have, and now you need to be even more careful. The document states at one point that "... attackers are particularly targeting sites that are likely to be trusted by end users, such as social networking sites." Attacks against generally trusted sites are getting more clever and so more successful.

What does this mean for the Montana librarian, who doesn't have a CS degree and doesn't stay up to the wee hours learning how to protect themselves? I think it means that you simply pay attention to the basics, and always keep your ear open to getting a little more security savvy.

The basics are Windows updates, anti spyware and anti virus, and good passwords. This is a good start. Keep up with your Windows updates. The latest from Microsoft are released the second Tuesday of every month. You should have your PCs updated by the end of that week.

All the main antivirus vendors are good so which one you use is not as important as that you should be using one or another. I also use Spybot which is a free antispyware product. Run a manual scan every week or two and you might be suprised at what you collect on your PC.

I'll talk about passwords in a later post as I tend to drone on about passwords.

Thanks y'all.

No comments: