Internet Security Zone Blog

By Doctor Security

People often ask me for free advice: “Hey Doc, do I really need hard drive encryption? It’s not like I got state secrets on my laptop…” I always answer these types of questions with diagnostic questions of my own: “Well, do you keep personal data on your computer like your Social Security Number or medical records? Do you keep bank statements or tax returns on it, too?”

If the answer to either one of my questions is yes, then the answer to “do I need hard drive encryption?” becomes obvious. If people answer my question “no,” then I ask a follow-up question: “Are you a small business owner or a professional such as a lawyer, accountant or contractor who carries your clients' information around on your laptop?  Do you want to be sued if that information gets out?”

Again, if the answer is affirmative, then encryption software becomes an immediate necessity. Once my “patient” and I have determined that they need a “dose” of encryption – preventive medicine is always a good thing – then we need to figure out what’s the best HDE security software to meet their needs. It must be software that encrypts all the data on a PC, even temporary and deleted files. Another stipulation is that security controls cannot be bypassed by removing the hard drive or by booting off a CD.

I always recommend ZoneAlarm’s Hard Drive Encryption for Laptops because I know it’s powered by the same technology used in Check Point Hard Drive Encryption solution. This is industrial level technology that is used by over 14 million users in businesses and government agencies of all sizes, worldwide.

Sometimes the next question I get is “So how does hard drive encryption work? It sounds complex and complicated.” Well, it is and it isn’t. The technology that encrypts your data is very sophisticated, but getting it on your PC and using it is a very basic and simple process:

First, you purchased the software and download it to your laptop. Then you do an initial encryption that makes your entire hard drive inaccessible to anyone but you. You are asked to create a personal encryption login and setup a safety system for quick data recovery, if ever needed.

Second, when your hard drive is encrypted, you restart your computer and enter your encryption username and password. Without this password, your drive will remain encrypted - no one can get access to your information. You will see an encryption login screen every time you startup your computer.

Once you have logged in, all the encryption and decryption happens automatically without you seeing it. It is transparent and will not slow you down (see independent performance tests). You just use your computer as you normally would. HDE will not slow your PC down. Your individual files are encrypted and decrypted “on the fly” as they are accessed.

Generally, the final question to me in discussions like these is: “What happens if I forget my password?” That’s an easy one to answer if you have ZoneAlarm Extreme Security Hard Drive Encryption Edition: you just contact their customer support team by phone and they help you reset your password.

My final questions are: “So now that you know you need HDE, what are you waiting for? Do you want to be an identity theft victim? Do you want to be embarrassed (or sued) when you have to tell your business client that all their sensitive information was stolen because you don’t have hard drive encryption?”

By Doctor Security

It’s “flu season” and what do many people do to protect themselves from coming down with a bad bug? Right, they get a flu shot. It’s preventive medicine. I think we all can agree that it’s best to be proactive when it comes to our personal health. Well, guess what? The same philosophy also applies to the health of our personal computers and the personal information contained on them.

Unfortunately, it’s always open season for those of us who have PCs (even if you have Windows 7: learn more about Windows 7 security online or in previous blogs.) You can get a computer virus or be targeted for a cyber attack at anytime. So it is very important to be proactive when it comes to safeguarding your PC and your personal data.

Now, I don’t want to hear any sick excuses: “But I never get the flu…I never get viruses… I don’t go to those kinds of websites…My laptop will never get stolen…” It only takes one time to really knock you down and out. It may not kill you, but you could save yourself a lot of pain and suffering.

Good PC security software needs to be comprehensive – guarding against the gamut of threats. Lets break down the types of protection required into four categories: 1) firewall, 2) anti-virus, 3) browser security and 4) identity and data protection.

The first line of defense against cyber threats is a solid firewall. This is the technology that functions as a gatekeeper – turning away any well-known or suspicious “characters” that try to hop the fence into your system.

Robust anti-virus is what’s required to catch suspicious and unauthorized activity on your PC, protecting you from new and/or ever-evolving dynamic virus threats.

Browser security is extremely important because if you aren’t careful, you can invite bad elements into your private life and onto your personal PC without even knowing it. There are numerous scam and phishing sites that can turn your PC into a zombie to be used by organized cybercrime or trick you into revealing your financial account information and passwords.

Protecting your personal data is a great way to prevent identity theft. With laptop theft and data loss commonplace, it’s necessary to have hard drive encryption so that everything that you save on your PC is scrambled. So if your PC falls into the wrong hands, the personal, confidential, and financial information on it, can’t be decipher.  You should also get offline identity protection services  – provided free with many ZoneAlarm products.

For the most comprehensive security software that also protects your personal data, check out ZoneAlarm Extreme Security Hard Drive Encryption. It’s just what the Doctor would order. Stay healthy my friends!

By Doctor Security

Windows 7 has arrived with all the fanfare Microsoft could muster. Reviewers and early-adopters say it features better security and streamlined performance. As with earlier versions of Windows operating systems, Windows 7 makes more demands on the PC than previous versions. If you are looking to upgrade from an earlier Windows version, especially XP, you may find that your computer cannot handle Windows 7.
  
If you are into doing things the easy way, there is a quick and simple test to find out if your PC is Windows 7-ready. The Windows 7 compatibility test for PCs at http://www.windowsupgrade.net/ is free and will check out your system to determine your PC’s memory, storage, processing, and other capabilities and compare them to what Windows 7 requires. It can also recommend improvements to your PC, such as adding memory, which can enhance its performance with the new software.

Check out ZoneAlarm’s comparison chart to see what ZoneAlarm Extreme Security provides compared to standard Windows 7 security features: http://www.zonealarm.com/security/en-us/how-secure-is-windows-7.htm

Of the many things that ZoneAlarm offers that others don’t, often overlooked even by ZoneAlarm users, is the offline identity theft protection services such as:

• Daily Credit Monitoring and Fraud Alerts – monitors your credit reports daily with email alerts and reports, and notifies you if there have been changes, which is often an indication of identity theft (US only).
• Victim Recovery Service – provides free telephone counseling to guide ID theft victims through resolution and recovery (US only).

Smooth transitions and solid security can only happen with good preparation. A little effort before you begin, can save you a lot of time and frustration later.

By John Gable, Director of Consumer Product Management

Welcome Windows 7.  We have been waiting and it is finally here!

From a security perspective, Windows 7 is very similar to Vista, though it does include some additional protection particularly when compared to XP such as User Access Control. Read our last blog for more technical details. But from a more basic point of view, here is what you need to know:

* Windows 7 is an operating system, not a security product.

Even Microsoft suggests you get additional security so don’t make the mistake of thinking that you are protected if you get the new operating system.  

* Windows 7 does not provide full firewall protection.

It does include an inbound firewall, but that is all you get by default. It also has an outbound firewall, which you can turn on. However, both lack some protections that all strong firewalls include. The Windows 7 firewall does not pass a long list of leak tests (tests designed to mimic actual firewall attacks and therefore leaves you vulnerable). 

* Windows 7 does not include antivirus, and even if you add Microsoft’s free antivirus, you only have partial protection.

Separately, Microsoft offers “Security Essentials”.  This, like other standalone antivirus products, free or otherwise, detects and removes known viruses. That is good and an essential part of security that everyone should have. However, even the very best antivirus products are less than 70% effective against brand new viruses. That means that you need additional layers of security if you want to be virus-free. 

* Windows 7 leaves holes in your browser.

The web browser in Windows 7, Internet Explorer, only blocks known dangerous web sites.  That is also true with other browsers like Firefox.  They do not block new dangerous web sites that have not yet been identified as dangerous, leaving you vulnerable to new phishing scams that trick you into revealing confidential and financial data. 

Windows 7 also does not block downloading files that you think are safe but are in fact dangerous.  Nor does it block invisible “drive-by” downloads that happen automatically in the background by taking advantage of known exploits in your browser and plug-ins.

* Windows 7 does not offer identity or data protection.

With almost 10 million identity theft victims last year, identity theft may be the fastest growing crime in the world. Don’t worry, there are many things you can do to protect your identity and your data. For example: antivirus, anti-spyware and anti-phishing solutions offer some protection against this. Furthermore, hard drive encryption (Windows 7 Ultimate includes this for enterprises but does not have a consumer version) is particularly valuable to “mobile” laptop users who take their laptop with them everywhere they go.

Everyone, whether using a laptop, PC, or no computer at all, is vulnerable to offline identity attacks. You should also consider some offline protection like Credit Bureau Monitoring included for no extra charge in many ZoneAlarm products. 

Welcome Windows 7.  Be sure to enjoy it – just don’t spoil it by not getting the security you need.

By Dameon D. Welch-Abernathy, CISSP, Check Point employee, also known as PhoneBoy of the PhoneBoy.com Blog

Windows 7 is the first Windows release since Windows 95 I have been impressed with. I've been using it on my kids' computers since the public beta was released in January. It has been an exceptionally stable and fast operating system, moreso than Windows XP and Vista.

By Robert McHugh, product manager

If you’ve ever had your wallet or purse stolen, your first thought probably isn’t about the lost cash or the value of the wallet itself.  Your biggest concern is about what the thief will do with the information in your wallet – credit cards, ATM cards, etc. – and how you can stop them right away.
 
Similarly, if your laptop is stolen you could be concerned about the cost of the computer and what files haven’t been backed up recently. But what about your personal information on your hard drive?   Do you have any bank records, account information, or passwords saved on your laptop?  What’s in your email that you wouldn’t want the thief to access?  How do you protect this?

There are some simple steps you can take to keep your laptop AND your data secure:

Be inconspicuous.  Not long ago, laptop carrying bags were clearly used for one purpose – to carry a laptop - screaming to potential thieves that there’s a valuable computer inside.  Now, more and more laptop owners are choosing inconspicuous backpacks and multi-purpose carrying cases to tote their computers more discreetly.  As the New York Times recently reported, some users are taking this clandestine carrying theme even further with a bag disguised as a newspaper.

Keep it out of sight.  Just as you wouldn’t leave your wallet or iPod sitting exposed in the backseat of your parked car, take the extra precaution to hide your laptop computer. Take it with you if you can, or lock it in your trunk.

Sticker it.  If you own a popular model, add some labels or stickers to distinguish your computer. This will help avoid confusion at your local Starbuck’s or at airport security; plus it will be easy to see if someone is walking off with your machine.

Backup and Encrypt your data.  This won’t prevent a theft, but it will protect you if that someone gets their hands on your laptop.  If you haven’t gotten around to backing up your machine, stop reading right now and back it up!.  Encrypting your data ensures that no one but you can access your personal confidential information.  Windows password protection won’t stop a thief from getting at your data.  Only full encryption of your hard drive will hide everything, including hidden files and deleted items that may contain valuable information.

Laptop thefts have been growing each year as more and more users are going mobile.  According to a study by Safeware Insurance Agency, a laptop is stolen every 53 seconds, and only 3% of these are ever returned.  Be informed and be prepared so you won’t be part of the statistics.