But first...

Before returning you to our regularly scheduled programming (Linux issues and security complexities), I'd like to do yet another list aimed at what professionals or security advocates seem to need to do on a regular basis with respect to the other 999 out of a thousand people. Imagine, if you will, a person of general knowledge who just got worried about computer security. This person asks you "What should I do now?". I'll give two lists as answers; the first will be for general users and the second will be for small business situations.

WHAT TO DO NOW TO IMPROVE YOUR SECURITY STANCE (for the general user):

1. BACK UP ALL DATA AND APPLICATIONS- Having only one copy of something is risky. Establish a routine and specific location for copying all data on all computers to a storage device or location. An automatic cloud arrangement is better than nothing but that cloud (a cluster or network or rented storage device) is not owned or principally controlled by you. Consider ejecting hard drives or thumb drives that can be placed in a fire protection safe, either on premises or somewhere else.

2. DOCUMENT ALL CONFIGURATIONS AND SETTINGS - All the operating systems and applications that your computers run are probably not at default settings anymore. In documenting all settings, you as well will be inventorying all the applications you use. Network and internet provider information, including contact phone numbers for tech support, would be needed as well.

3. CHANGE ALL PASSWORDS - How many months has it been since you changed pw's on some things - or anything? And never EVER stick with a default password; these are known by the bad guys.

4. UPDATE ALL VERSIONS OF SOFTWARE AND APPLICATIONS - Free security updates are often available for antivirus, operating systems, apps and other aspects of what you do. In the rare case of an update breaking something, backups will be what saves you.

=======================================================

WHAT TO DO NOW TO IMPROVE YOUR SECURITY STANCE (for small business)

1. BACK UP ALL DATA AND APPLICATIONS - Separate CD/DVD copies of all apps and OS's would be good, but saves (dd or other bit-for-bit) should do. Best would be to have a copy of the backup close at hand and another offsite.

2. DOCUMENT ALL CONFIGURATIONS AND SETTINGS - Look into inventory programs for this purpose, or having your staff person write a script. Scripts may already exist that can be customized or chopped down for your situation.

3. CHANGE ALL PASSWORDS - Enable password aging and imposition of use of complexity, as with mixes of capital and lowercase letters, special characters, disallowing dictionary words and password reuse and so on.

4. UPDATE ALL VERSIONS OF SOFTWARE AND APPLICATIONS - Here's where backups are important if any update breaks something. Multiple versions of some language like PHP might be needed for some web page situations, so updating could be tricky; check with your IT person or contract webmaster. The latest PHP could be needed for one thing, while a specific earlier version could be needed for another.