HOME
TOPICS
ABOUT ME
MAIL

 
Show this article to your boss or to the folks who take care of the computers in your office.
  technofile
Al Fasoldt's reviews and commentaries, continuously available online since 1983

Office PC safety: How companies can protect their Windows PCs


Spet. 4, 2002


By Al Fasoldt
Copyright © 2002, Al Fasoldt
Copyright © 2002, The Post-Standard

   Last week I told you how to check the computer you use at the office to see if it is protected against hackers and viruses. This week I'll tell your boss (or your computer manager) what has to be done to keep every office PC safe.
   Show this article to your boss or to the folks who take care of the computers in your office. Be polite and don't make a scene if they don't seem to care. They probably care a lot, but they might not be able to understand some of this stuff right away. Give them time, but don't let them slip. Your safety is their safety.
   (One more caution: Please don't change your office PC except for background wallpaper without the permission of the folks in charge. They can't keep up with hackers if they're struggling to keep up with you.)
   Here's what companies have to do to make their Windows PCs as safe as possible:
   1. Update Internet Explorer to version 5.5 or later. Later versions aren't necessarily better or safer, but Microsoft is more likely to fix current versions than old versions. Then download and install ALL the patches and fixes from the Windows update site.
   2. Patch Internet Explorer from the Windows update site. Apply and install ALL patches.
   3. Install a script blocker to fix the remaining script-based security holes in Internet Explorer. (Scripts allow viruses and spyware to take over a PC. Office PCs are favorite targets.) The best is Script Sentry from www.jasons-toolbox.com. It's free for personal use; companies should send the author a small donation. (His price schedule starts at $1 per user.)
   4. Control cookies. If you let Web sites plant cookies on office computers, you're losing control over private company information. Set up Internet Explorer to block all cookies. (I don't recommend a cookie manager such as Cookie Pal for office PCs unless your office does business over the Web.)
   5. Get a hardware firewall if your office has a high-speed (so-called "broadband") connection to the Internet. Big offices probably need a commercial-grade firewall. (Search www.google.com using those three words for suitable firewalls.) Smaller offices should be able to use routers that have firewalls built in. I use a Linksys router-firewall: technofileonline/texts/bit032801.html.
   6. Install software firewalls on all office PCs if your office uses dialup connections (a modem connected to the phone line). You can get a good one free from www.zonelabs.com, and Zone Labs also sells a firewall designed for large companies.
   7. Install modern antivirus software on every PC. I recommend AVG, free for home and office users from www.grisoft.com. Be sure to set it up to check incoming and outgoing e-mail.
   8. Make it company policy that no one is allowed to download anything without the approval of a designated manager. Spyware is usually delivered to unsuspecting users through what appear to be normal downloads.
   9. Tell everyone to ask a manager's advice before opening suspicious e-mail. As much as 30 percent of all e-mail contains viruses.
   10. Ask computer-savvy employees to help set up policies for dealing with security and safety. Get them involved. They're a great asset.