Select Committee on Science and Technology Minutes of Evidence


Annex 1

USER'S BEST PRACTICES

  1. Use an Internet security solution that combines antivirus, firewall, intrusion detection, and vulnerability management for maximum protection against malicious code and other threats.

  2. Ensure that security patches are up-to-date and that they are applied to all vulnerable applications in a timely manner.

  3. Ensure that passwords are a mix of letters and numbers. Do not use dictionary words. Change passwords often.

  4. Never view, open or execute any email attachment unless the attachment is expected and the purpose of the attachment is known.

  5. Keep virus definitions updated regularly. By deploying the latest virus definitions, private users can protect their computers against the latest viruses known to be spreading "in the wild".

  6. Private users should routinely check to see if their PC or Macintosh system is vulnerable to threats.

  7. All computer users need to know how to recognise computer hoaxes and phishing scams. Hoaxes typically include a bogus email warning to "send this to everyone you know" and/or improper technical jargon that is intended to frighten or mislead users. Phishing scams are much more sophisticated. Often arriving in email, phishing scams appear to come from a legitimate organisation and entice users to enter credit card or other confidential information into forms on a Web site designed to look like that of the legitimate organisation. Computer users also need to consider who is sending the information and determine if the sender is a trustworthy, reliable source. The best course of action is to simply delete these types of emails.

  8. Private users can get involved in fighting cybercrime by tracking and reporting intruders. With Symantec Security Check's tracing service, users can quickly identify the location of potential hackers and forward the information to the attacker's Internet service provider or local police.

  9. Be aware of the differences between adware and spyware. Adware is often used to gather data for marketing purposes and generally has a valid, benign purpose. Spyware, on the other hand, may be used for malicious purposes, such as identity theft.

  10. Both spyware and adware can be automatically installed on a computer along with file-sharing programs, free downloads, and freeware and shareware versions of software, or by clicking on links and/or attachments in e-mail messages, or via instant messaging clients. Therefore, users should be informed and selective about what they install on their computer.

  11. Don't just click those "Yes, I accept" buttons on end-user licensing agreements (EULAs). Some spyware and adware applications can be installed after an end user has accept the EULA, or as a consequence of that acceptance. Read EULAs carefully to examine what they mean in terms of privacy. The agreement should clearly explain what the product is doing and provide an uninstaller.

  12. Beware of programs that flash ads in the user interface. Many spyware programs track how users respond to these ads, and their presence is a red flag. When users see ads in a program's user interface, they may be looking at a piece of spyware.




 
previous page contents next page

House of Lords home page Parliament home page House of Commons home page search page enquiries index

© Parliamentary copyright 2007