The Top Five Security Mistakes Users Keep Making

New computer and Internet users appear all the time. Kids get their first computer; they get old enough to start accessing the Internet at school, and computer and Internet use spread around the world. Aside from these newcomers, old-timers to computer use and the Internet can make these same mistakes--if they grow complacent or careless. Just as we must be careful with power tools or fragile objects, we need to be careful with our powerful tools of the electronic age: computers, networks, and the web.

Let's examine what these recurring mistakes are, why they're always possible, and hopefully help you avoid them in the future.

Today there are Wi-Fi access points every few yards, it seems. In an apartment complex or neighborhood with smaller lots you can access more than just your own access point easily. Businesses are much more likely to require authentication or limit access. Home users may thing that using WEP or WPA security is enough, but it's not. Users with many computers connected to the Internet also need to consider that NAT is not enough. Home networks need real security, like firewalls.

Closely related to mistake 5 is the lack of firewalls. Much "personal firewall" software is really Anti-Virus and anti-spyware code with packet filtering thrown in. Many of these program suites replace the built-in Windows firewall. Granted, many users don't know how to use that, or it's frustrating for them. Having a real firewall solution, whether it's host based (runs on your PC) or a network firewall (on your router or behind it) is much more secure than relying on a souped-up Anti-Virus program.

Passwords seem like too much trouble for some people. They don't think they have anything to hide. Sure, they use a password when banking online--but don't have one set to log on to their PC, and don't have passwords set if they share files. If these careless souls are convinced to use passwords, they often pick ones that would be quite easy to guess or crack. You should use passwords that are strong, and use them to protect access to your PC even if it seems like overkill--it's not.

Just yesterday a friend got into a huge mess because she wasn't running the latest anti-virus and malware software. I'm amazed at how many people either aren't using AV software or don't keep it updated. New malware programs are created all the time. If it's using last year's virus signatures, your anti-virus software won't detect this year's viruses, will it?

Related to number three, (but an even bigger mistake) is allowing your PC or browser to log you in automatically--don't do it! If someone gains access to your PC and you're set to log in without a prompt, it's like there's no password there at all. Do you want a hacker or your estranged lover to max out your credit card ordering things from an online store because it was too much trouble for you to type a password?

Mistakes happen often because we're not aware that what we are doing is in fact going to be a mistake. Awareness of our actions and the consequences are our first steps. Next we need to know what to do to avoid making the mistakes in the future. Then we need to actually apply what we have learned. Awareness without action won't save us.