We frequently get asked for guidelines for securing a home or small office computer.  It is estimated that an unprotected/ unpatched computer will last no longer than 20 minutes before being infected when connected to the internet - and that is without opening any emails or visiting any websites.  As well as viruses spyware has become prevalent.  These can range from programs that track the user's web use or or will cause pop-up adverts to appear every time Internet Explorer is ran.  The default home page is often changed and despite being reset will revert back to an advertising or 'adult' site.  We frequently come across clients who have run up, without their knowledge, telephone bills of hundreds of pounds as a result of trojan diallers changing the default dial-up number for a premium rate number.  Keyloggers are quite common - every keystroke is recorded (including passwords and credit card numbers) and transmitted to a foreign site without the user's knowledge.  'Phishing' is becoming common - an email arrives purporting to come from a bank or PayPal or similar asking the user to re-enter their details as the site has had a 'technical upgrade'.  Although looking genuine this is from a rogue site and the user in reality is handing over their login details to scammers.

The following are essential to protect your computer:

1. Firewall - essential for dial-up users and ADSL users using a broadband modem.  Most broadband routers - as opposed to broadband modems - have a built in firewall but it is still worth installing a software firewall as this protects against outgoing rogue connections.  One of the best available is downloadable from ZoneAlarm - the free version is completely adequate (there is also a 'Pro' version that there is a charge for).
2. Anti-virus - available from many reputable vendors including Symantec, Mcafee, and many others.  AVG offer a version that is free for personal use.  All virus programs must be updated regularly to be effective - most will allow for automatic updates when on-line.
3. Anti-spyware - we would recommend installing both Adaware and Spybot - one will often pick up items that the other misses and the combination offers good protection.  Spybot also blocks many advertising sites and features a 'Teatimer' program that will warn against changes to the computer's registry.  SpywareBlaster is also worth installing - it does not remove spyware but prevents much of it being installed in the first place.  These programs are all available as free versions although there are paid for versions of Adaware and SpywareBlaster that support automatic updating.
4. Windows Update - http://windowsupdate.microsoft.com - this is currently a free service from Microsoft and it is essential that this process is ran on a regular basis.  It works with Windows 98 onwards.  If you have a dial-up connection be prepared for many hours of downloading - there is now well in excess of 100MB of patches and security updates that must be installed to secure any version of Windows.  It is an on-going process and new patches can be released sometimes on a weekly basis.
5. Office Update - http://office.microsoft.com - if you run any version of Microsoft Office (from 2000 and later) it is again essential to ensure that all patches are applied.  This again involves up to 100MB of downloads.

A machine with the above installed will be reasonably well protected providing all latest patches and updates are applied regularly.  However they will not protect against users unknowingly installing rogue programs.  These often install in the background while another program is being installed - beware of file sharing programs and 'helper' search bars in particular.  Also beware of any website that wishes to install an Active X control.  Email attachments should be treated with caution - even if the email is from someone you recognise.