So far, no one solution has
been developed that solves all computer security problems. To date, the
best strategy for protecting information systems is to use layers of
defense to stop attackers. Although security technologies can be
complex, the strategy behind them is simple: Give attackers as little as
possible to target, and protect what must be exposed with multiple
layers of security. Even if one layer is defeated, another will likely
block the attack.
Think of a medieval castle on a hilltop. Tall
watchtowers provide visibility in every direction. A massive outer wall
surrounds the castle, as does a foul moat. Attack options are limited
and grim because there are so many layers of defense to counter. The
castle’s archers, catapults, and other defenses make even approaching
the wall a daunting task, while the moat protects against undermining
the castle walls. But even if one were to somehow penetrate the outer
defenses, concentric inner walls, protected by all manner of vicious
implements, stand ready to deliver more punishment. And then, if the
inner walls are breached, the innermost keep must be stormed, which will
be defended most fiercely by its inhabitants.
Defense in depth is not a new security strategy,
but it is an effective one. Besieging a castle was a formidable task.
Eventually, of course, new technology in the form of gunpowder rendered
these defenses obsolete. Such is the nature of an arms race.
1. Windows Action Center
The easiest way to get a high-level security
overview of your computer’s own defense-in-depth strategy is to check
the Control Panel’s Action Center, shown in Figure 1.
It monitors the state of the main security components on the system:
Network Firewall, Windows Update, Virus Protection, Spyware and Other
Unwanted Software Protection, Internet Security Settings, User Account
Control, and Network Access Protection. If there are any security
concerns, a yellow or red vertical bar appears alongside a message in
the content pane to indicate the importance of the issue, along with a
red indicator (for high-priority issues) on the flag icon for this
utility in the notification area on the taskbar.
Note
Action Center also
enables you to monitor maintenance issues related to problem report
solutions, Windows Backup, Windows Update, and troubleshooting. |
If you see such an indicator, click the flag in
the notification area to open a flyout menu. You can either click the
appropriate link to resolve the issue in one step, or select Open Action
Center to view all message details and take appropriate actions. Common
reasons for indicators include outdated virus definitions, security
updates to apply, or a firewall disabled, perhaps for troubleshooting
purposes.
Microsoft graciously enables several of the main
security categories right out of the box. With no action on your part,
Network Firewall, Windows Update, Spyware and Other Unwanted Software
Protection, Internet Security Settings, and User Account Control all
show an On or OK status (see Figure 2).
Note
If the list of categories
isn’t displayed, click the arrow to the right of the main Security
category in the Action Center window. |
One
section, however, might be red even on a brand-new PC. Although it is a
universally recommended component, and you’d be remiss to get on the
Internet without one, no antivirus protection is included with Windows
7. Spyware protection is present in the form of Windows Defender, but
you must procure your own antivirus product.
Tip
Software vendors
sometimes bundle security software, including antivirus and firewall
products, that can install on top of the existing Windows solutions.
Overlapping security programs that perform the same function, when
installed at the same time, can cause conflicts and unpredictable
results. You don’t want two firewall programs, for example, operating
concurrently. You can select which firewall to run in Action Center or,
if you choose to use the built-in Windows Firewall, simply uninstall the
secondary firewall using Programs and Features in Control Panel. |
If you buy Windows 7 on a
new PC, the manufacturer may bundle antivirus software, improved
firewalls, or some spyware solution besides Windows Defender. You can
monitor these programs in Action Center as well.