How to Run a Stable, Safe, Secure Desktop Computer

It's funny how people hire me and ask me this question. Usually I ask is this the most important thing to you/your business? And they agree. After all what's the point of having a computer if you can't use it all day, every day, day after day and it always works and works the same way?

When I give them the answer they don't take my advice. This pattern is repeated several times until gradually they realise why I always ask the question first. If the most important thing about your PC is playing the latest games accross the Net then this advice is not for you. This advice is for SoHo's who need their machines to work.

The Ten Commandments

Make it a regular Friday arvo job to download the latest definitions and run the scanner. The tool should automatically do this as well as checking all emails. There are plenty of good anti-virus tools out there. I've been using Norton AntiVirus for as many years as it has existed. I've never caught a virus. Enough said.
In a Nutshell Details
1. Don't run Windows I can't get Windows to achieve the criteria above as well as, as cheap as or as easy as I can on Linux/FreeBSD. Even my luddite Dad has a better run on his Macs than most PC users. I will not go too far into the reasons but surfice to say 90% of people disagree with me here and won't part with their Windows so the other 10 commandments become even more inportant
2. Keep you OS and applications up to dateYou must patch/update to cover all the bugs and security holes that exist and are always being found. In Windows go to www.windowsupdate.com
3. Use and keep up to date a virus scanner
4. Install and use a Spyware checker AdAware does a great job of finding and eliminating all the little programs that get installed that copy the keystrokes as you do your Internet banking and send them to a Russian server(!!!) or sending a list of every Website you visit to a spammer in the USA.
5. Install and use a Personal Firewall If you don't you might as well give up now. There are plenty from Norton, McAfee etc. I like BlackIce and Tiny Personal Firewall myself. You simply must get one and learn to use it rather than turning it off when you can't immediately do what you want.
6. Do not use Microsoft Internet products ie. Outlook/Outlook Express/Internet Explorer This is the 2nd hardest to convince people of but simply put you don't get affect by the vast majority of Worms, viruses and trojans if you don't. You can also learn how to customise and tune Outlook and IE and turn on and keep on all their security features too. However be aware they have a habit of reverting to insecure settings. And wouldn't it just be easier to use Netscape?
7. Never click on or open any email attachment from any senderwithout first phoning them or emailling them back and confirming that they sent it If this seems paranoid it is. Most worms etc. spread via Outlook address books so they will send a copy of themselves and seem to come from someone you know. Outlook can infect your PC just by looking at the title of the email if your settings are not tweaked correctly. No other email program will cause this problem (hence the point above) but you should be very wary of all attachments.
8. Passwords. I can guess 90% of my clients passwords or crack them. Make them good, don't reuse them, change them occassionally. A good password is a phrase that you encode. Say your favourite song is by Celine Dion (in which case you need more help than I can give you!), your phrase might be "Celine Dion is a great singer". So you password, which should contain a mixture of numbers, upper and lower case letter and symbols might become "CDis1gr8S!Nga#". I can guess so many passwords as they contain family, friend, pets, car names, number plates, addresses, phone numbers, birthdays, favourite colours, bands, songs etc. The password cannot be or be based on a dictionary word or phrase. Commaon bad passwords "helen1", "fido", "NHG-205", "r2d2", "fred1969". Never give a password out via email or phone or on a website. The only password anyone will ever need to know is the one you have with that organisation and they will have a copy of it. If you rang them then it's fine. But if someone rang you, how do you know they are really from the place they say?
9. Only install what you need to use.Use your home or second computer for games etc. Businesses should consider using lockdown tools to stop staff installing anything unnecessary to productivity. Every installed program and piece of hardware is a chance for something to go wrong. If all you do (like 90%) or people is email, web and word processing then you only need 3 programs (2 if you use Netscape!) Uninstall the rest.
10. Backup!!! If you ignore rule one, sooner or later you will lose the lot. If nothing else a fire, storm or hardrive failure will rob you of everything. For many small businesses that would be the end of themThere is only one form of backup worth having and that's one you check has worked. I can only recommend getting an external USB harddrive case and simply copying all the files to it then taking it home/to another office. Do this at least once a week. Have another one that you backup every day to. Plug them into another PC and try recoverying data. No other method is OS and software independant, shows files and all their detauls eg. size/date for anyone to see (unlike tapes which you cannot check unless you run a restore program).