Security Threats

An ever-changing problem, with a constant war of attack and defense

There's been a significant change in patterns of attack.

It's much more likely to find organized crime doing it, rather than bored kiddies. Criminals use it for:

What Beachwerks thinks and does about security

Kinds of threats


Trigger only if you open a program or file containing it.  
Never open an email attachment from an unknown or untrusted source.
Spread only when people send files containing them
Less of a threat than in the past, but still significant
Most likely to destroy files on your computer
Run antivirus software


Danger can be minimal, only causing advertising to be customized for you
A Web "cookie" is, to some extent, a form of spyware, but it is appropriate and necessary to work with trusted sites
Evil spyware can grab your passwords, credit card numbers, etc., and send to a Bad Guy
Run antispyware software


Can enter a computer without an action by you, if you are not protected by security patches and security software
Use your computer as a breeding ground to spread
Rapid spread can be enough to clog and shut down your external links
An especially robust worm such as Slammer has shut down millions of computers and much of the Internet
Run antispyware, antivirus, and firewall software

Trojan Horses

Seem like useful programs but have embedded viruses or other bad things
Download programs and utilities only from trusted sources
Run antivirus and antispyware programs

Consider several forms of protection

Versus unstable software (such as Windows)

Install and use third-party stability-enhancing software
Do regular maintenance & backups, or have Beachwerks do it for you under contract

Versus evil software ("malware")

Practice "safe computing"
Use security protection software. This means, at the least, tool(s) that have antivirus and antispyware  capability for your disks, and a firewall  for your computer.
You also may want to run a popup blocker (sometimes called an adware blocker) with your Web browser. We recommend using a browser other than Internet Explorer for things that don't specifically require it, such as some Microsoft support functions. We use Mozilla Firefox, which is free.

Against other kinds of threats, you want, at least, a firewall, even if there's one on your router. You also may want host intrustion detection software (HIDS). While there are freeware versions of these, be sure that either the vendor or a support service (like us) is available to interpret warnings these other tools give you, and help you respond appropriately to them. Developer or third-party support people will periodically update the threat-prevention rules for these tools.

Protecting against compromise of your sensitive data, and forgeries of email apparently from you

Use encryption software to hold sensitive files on your computer
Encrypt the contents of sensitive email (all parties have to agree on encryption method)
Digitally sign your email (use public key, or "key ring" signed by well-known people in your community)