How To Protect Your Computer
What's the use of spending all the time and money it takes to build your own one-of-a-kind computer if you're not going to protect it? Deciding on good computer security is one of the most important decisions you'll make in the computer-building process. Let's spend a few moments talking about easy, affordable steps you can take to protect your computer's security, as well as the personal information stored on it.
The most fundamental protection your computer needs is protection of its power supply.
In my own case, because I live in a rural area where power failures are fairly common, I have a backup generator that can power my whole house.
That's my generator in the picture. It can't power everything in the house at once, but I have no need to use everything in the house at once. As long as I don't do try to use multiple high-draw appliances (like the electric range and the electric clothes dryer, for example) at the same time, it provides plenty of juice.
I chose the A-iPower SUA12000E 12,000-Watt generator because I wanted a portable generator so I could use it elsewhere, but I also wanted it to be powerful enough to power my whole house during outages. I've been very happy with it. It's a real workhorse.
My generator is hooked up to the house with a 50-amp inlet box and power cord. It also has a breaker panel safety interlock. Backup generators connected to a house MUST use either a safety interlock or a transfer switch to isolate the generator from the public power grid. Otherwise a lineman (lineperson?) working to restore the power could be electrocuted.
If you install a generator, make sure to use a competent electrician and have the installation inspected before firing it up.
Just as an aside, because the same trees that knock down power lines also knock down cable lines, I also have a backup Internet connection through a Verizon Jetpack. I also use it when I'm traveling for Internet pretty much anywhere. I've been very happy with the service.
Uninterruptible Power Supplies and Surge Protectors
Because my generator doesn't start up automatically, I also use uninterruptible power supplies (UPS's) on all my computers and other critical equipment (routers, switches, phones, and so forth) that I never want to be without power. If the power to a computer is suddenly cut off, not only will you lose your unsaved data, but it could cause corruption of the filesystem on the hard drive. I personally like APC UPS's, but there are other brands that are also very good.
For equipment that can tolerate being suddenly deprived of power, but still needs protection from spikes and surges (for example, mobile phone chargers and laser printers), I use surge protectors. They don't provide backup power, but they do protect the attached equipment from electrical spikes and surges.
Routers and Firewall
One of the most important security investments you can make is a good hardware firewall. Nowadays, for most home users and small businesses, that's pretty easy. Almost all broadband routers have built-in firewalls, and most of them are actually pretty decent.
When selecting a broadband firewall router, there are a number of factors to consider. The first is that it should support Gigabit speeds. Older, 10/100 routers are obsolete. You also want a router that's built to last and that will provide you enough control for your particular needs. Finally, if you're a gamer, you may want to consider a gaming router that prioritizes games over other traffic to reduce lag and latency.
Some routers feature advanced QoS (Quality of Service) technology that allows you to prioritize and shape the traffic passing through the router. This kind of technology is very handy for gamers, VoIP users, and anyone who runs a server from their location.
If you're running a business behind the router (or if you just want maximum safety, certified by a reputable third party), then choose a router with an ICSA-Certified Firewall.
Properly Securing your Wireless Router
Whatever router you choose, there are a few important things you need to do to maximize your protection. You can change these settings by logging in to the router's Web interface as an administrator, usually by just typing its IP address in a web browser and entering the default user name and password. See the documentation that came with your router for more specific instructions.
Change the Router Password. Most routers ship with a default password of "password" or "admin," and most users never change the password. That enables literally anyone to hack into their routers. Luckily for you, you're smarter than they are; so one of the first things you should do is change the password to something hard to guess.
Check for Firmware updates. Router manufacturers issue firmware updates to correct vulnerabilities. You should check for updates when you first set up your router and periodically afterwards.
Enable WPA-PSK Wireless Encryption. All wireless routers are capable of encryption. Enabling encryption protects you in two ways. First of all, it scrambles all the data that passes wirelessly between the router and the devices that it serves. Secondly, it prevents unauthorized computers from attaching to the router.
If you don't have encryption enabled, anyone with a Wi-Fi-equipped laptop and the right software can park in your driveway and start sniffing your data. They can also connect to your network and use your Internet connection, which can get you in a lot of trouble -- especially if what they're doing with your Internet connection is illegal. It'll trace back to you because you're the person connected with that Internet account.
Unauthorized users who connect to your router may also be able to poke around on your LAN and gain access to information on your computers; and if you haven't changed the password on the router (which, of course, you already did when you first set it up -- right?), they can take full control of it and change its settings, completely defeating the purpose of the firewall.
Long story short, use encryption. For maximum safety, choose WPA-2 encryption, and use a difficult-to-guess (but easy-to-remember) key. You can use full sentences as WPA keys, but remember that they have to be entered exactly right every time you connect a new wireless device to the router. Everything matters: the capitalization, punctuation, and everything else must match what's stored in the router.
Don't use WEP encryption unless you absolutely have to. It's much too easy to crack. Use WPA-2 instead.
Change the SSID. The SSID is the name of the wireless network. Most routers ship with SSIDs that identify the maker, and sometimes the model number, of the router. Change it to something else, like PineTree, SnakeHips, Petunia... anything, really. I suggest that you not use your name or anything else that can identify you, however.
The reason you want to change the SSID is that you don't want to tip off a potential hacker as to what router you're using, just in case there are known security bugs with that model. With the right software, a hacker can sniff out the make and model of the router, anyway, but why make it easier?
Disable Remote Administration. Most routers have a remote administration function that allows the administrator to administer the router from anywhere in the world, usually on port 8080 or 8888. If you don't need this ability (and almost no one does), then disable it.
Use Antivirus Software
Good antivirus software protects your computer from viruses, spyware, rogue software, and other potentially harmful code that others may try to inject into your computer. The best anti-virus applications also monitor for other potentially harmful things, like un-patched vulnerabilities; and some also include spam-filtering and firewall software.