Editor's note: Ex-hacker Kevin Mitnick came by his security expertise the hard way. In the 1990s, his electronic penetration of some of the biggest companies in the world made him a notorious tech boogieman, and ultimately landed him five years in prison. Now free and clear, Mitnick has reinvented himself as a computer security consultant and writer. He travels the world teaching organizations how to secure their information in a world of corporate spies and younger versions of himself. He took a break from his jet-setting to share some practical security tips. Clip them and stick them on your parents' refrigerator or your IT administrator's white board.
---
Protecting yourself is very challenging in the hostile environment of the internet. Imagine a global environment where an unscrupulous person from the other side of the planet can probe your computer for weaknesses, and exploit them to gain access to your most sensitive secrets.
They can even use your computer to store data like stolen credit-card numbers or child pornography, or to attack another innocent home user or business from your system.
Here's my Top 10 list of steps you should take to protect your information and your computing resources from the bad boys and girls of cyberspace.
* Back up everything! You are not invulnerable. Catastrophic data loss can happen to you -- one worm or Trojan is all it takes.
* Choose passwords that are reasonably hard to guess -- don't just append a few numbers to a no-brainer. Always change default passwords.
* Use an antivirus product like AVG or Norton, and set it to update daily.
* Update your OS religiously and be vigilant in applying all security patches released by the software manufacturer.
* Avoid hacker-bait apps like Internet Explorer and disable automatic scripting on your e-mail client.
* Use encryption software like PGP (pretty good privacy) when sending sensitive e-mail. You can also use it to protect your entire hard drive.
* Install a spyware detection app -- or even several. Programs that can be set to run frequently, like SpyCop, are ideal.
* Use a personal firewall. Configure it to prevent other computers, networks and sites from connecting to you, and specify which programs are allowed to connect to the net automatically.
* Disable any system services you're not using, especially apps that could give others remote access to your computer (like Remote Desktop, RealVNC and NetBIOS).
* Secure your wireless networks. At home, enable WPA (Wi-Fi protected access) with a password of at least 20 characters. Configure your laptop to connect in Infrastructure mode only, and don't add networks unless they use WPA.
Hackers are becoming more sophisticated in conjuring up new ways to hijack your system by exploiting technical vulnerabilities or human nature. Don't become the next victim of unscrupulous cyberspace intruders.
