Personal data protection on a personal computer
Federal legislation on data protection at work on personal computers affected both personal technology and equipment of large IT companies. Currently, the legal and informative base in matters of personal data protection is more adapted to modern realities than the previous versions of regulations. The Federal Law "On Personal Data", which came into force in 2010, regulates actions in all areas of computer security for a personal user.
Personal data protection issues on PC
On the point of correctness and completeness of compliance with cybersecurity standards, control is carried out by the federal service Roskomnadzor. Federal legislation on cybersecurity vests this structure with exclusive rights in matters of security of content located on the websites of Russian companies and legal entities operating in the Russian Federation under a franchise. Complaints from citizens are also sent there.
By-laws issued by the FSTEC and the FSB are also exceptional. According to their criteria, developers of corporate security systems, in fact, have to build the latest system for filtering and intercepting virus threats. The list of tools includes both antivirus programs and firewall solutions, programs for multilevel encryption, identification systems that require advanced authentication and access rights, and various tools for preventing data leaks.
The listed mechanisms are described in the corresponding FSTEC decree on the implementation of measures regarding electronic security in personal data information systems. The necessary protection products are described in detail below, from what exactly these programs protect each individual PC and data system as a whole.
The basis of tools for ensuring the protection of personal data
The only way to prevent a cybersecurity crime is to cut off a potential cybercriminal from access to personal data, completely exclude its impact on the DBMS, application software, OS, network devices (both at the hardware and software levels). These tools include:
- anti-virus packages of all possible types;
- firewalls (they are also firewalls);
- tools to prevent network attacks and alert about them;
- scanners of potential vulnerabilities.
At the household level, the “defender” and comprehensive antivirus system that comes with Windows 10 out of the box copes with infiltration into the system in order to steal personal data. If you do not surf suspicious sites, do not run dubious executable files under the admin - most problems will bypass the average user. But this applies especially to a home PC that does not store commercially important material.
Situations when the virus actively broke computers in the past - modern hardware currently has a sufficient degree of protection against such hacks. Virus attacks are carried out by introducing various types of malicious software aimed solely at stealing confidential information, including personal data.
A professional third-party antivirus must have signature protection on board, advanced heuristics systems, a multi-level program entrusted to programs, and monitors the integrity of critical data. All these components of antivirus slow down the work of the entire system, so you need to have high-quality hardware to store important data.
To minimize the risk of identity theft, it is necessary to use the latest software for the PC, which will hopefully identify new viruses based on the latest technologies. If threats emerge, a modern antivirus will be able to recognize them not only thanks to the regularly updated database of virus programs, but also by using heuristic analysis methods. This makes it possible to identify suspicious actions and previously unknown attacks. The development of new malicious programs does not stop, they are being improved, new ones appear, so protection against previously unknown viruses is very necessary for the safe operation of a personal computer.
To choose the most suitable antivirus program, you need to study the current reviews of such software, other programs that ensure PC security. Even free programs will allow you to create effective computer protection if you are not ready to use paid options.
In professional language, they are called firewalls. A lone user can sit behind a standard Windows firewall for years - the level of attacks on his computer never approaches a really threatening one, personal data remains intact. With regard to the corporate network, a fundamentally different level of personal data protection is required. Here you may need a professional VPN and permanent tracking of suspicious activities at all network levels.
In the mid-2000s, Internet Security packages became very popular. Virtually every major antivirus developer (Dr. Web, Avira, AVG, Kaspersky, Symantec, Eset, McAfee) was involved in them.
Regardless of the type, the firewall must be activated on the gateway router to create a “demilitarized zone,” that is, a set of particularly strict rules to protect e-mail and external network applications. An experienced administrator always has several firewall configurations - for the most common emergency cases of personal data protection on a PC.
Intrusion prevention systems
Intrusion Prevention System - in the specialized literature they appear as IPS (in no case should they be confused with the technology for the production of matrices of TVs and computer monitors!). ISS should be installed in the network gap to check traffic for signs of suspicious activity and neutralize them according to the assigned security policy.
Intrusion prevention systems are far superior in efficiency to gateway antiviruses, since they monitor not only packets, but also the correctness of the protocols used. The range of threats against which the IPS protects itself is also much wider. Such personal data protection systems are produced by traditional antivirus vendors like Check Point and McAfee, and monopolists in the field of routers and other network electronics like Juniper and Cisco.
A verification program for the shortcomings of the security of both the OS and the applied software used. They come in software, a relatively exotic form factor - a separate electronic device that simulates a variety of threats in relation to the user's PC and network protocols around it. There are many representatives of the class: MaxPatrol, IBM ISS, Symantec, McAfee (Vulnerability Manager). There are also passive network traffic scanners. Actually, these are all descendants of the "test viruses" packages launched to assess the "professional suitability" of a freshly installed antivirus. Vulnerability scanners also serve for internal audit of protection, regulated by the FSTEC requirements.
How to protect personal information on a PC
Following the steps below will help you protect your personal data on your PC as efficiently as possible.
Encrypting information will help protect information - there is a huge amount of personal data on hard drives, USB-drives. Credentials, confidential information may become the property of third parties in case of loss of these media. To protect this data, you must not only set a strong password, but also encrypt the drives, which will close access to them if the password is unknown.
Enterprise, maximum versions of Windows 7, Windows Vista contain BitLocker encryption tool. Other operating systems can use the free TrueCrypt (tryecrypt.org) to encrypt some or all of the data.
If you have Mac OS X you can use FileVault. This tool encrypts folders on desktops. The new version of Mac OS X encrypts the entire Lion desktop.
Today you can buy external drives, drives that have built-in encryption, including scanning the owner's fingerprints.
This is the easiest way to protect your PC. You need to update not only the operating system itself, but also other programs installed on the computer. Developers are constantly updating versions of their own products, improving their functionality, fixing bugs, closing weak points through which data leakage is possible. Frequently updated versions contain new components and new features.
Many programs have a special auto-update function, notifications about an upcoming update. If you receive such a message, you must immediately install the proposed update. This will reduce the risk of theft of personal data and other confidential information.
The fairly popular SUMo program will help you keep track of updates.
Wi-Fi network protection
Make sure to keep your home Wi-Fi network private. A password is used for this. Otherwise, outsiders can easily enter the PC and use any information, including confidential.
Protection - encryption of Wi-Fi network traffic. This is inconvenient, since you have to enter a password every time you connect to the network, but this is necessary to protect your PC from outside attacks.
Modern wireless routers use three standards for encryption:
The last two have a higher degree of protection against hacking.
You can also turn off the broadcast of the network name - SSID. In this case, gaining access to her will be possible only for those who know her name. The rest of the PCs will not be able to see this network.
Online shopping - virtual bank cards
When buying something on the Internet, you need to enter your bank card information - this is part of the personal data that is used on a PC. The risk to the security of the bank account is extremely high, since there is no guarantee of the seller's good faith, as well as the security system of the site on which the purchase is made.
Using a virtual bank card number will allow you to secure payments. These are the bank card details that allow you to make a payment and prevent attackers from accessing your bank account. Among Russian banks, virtual products are offered by Alfa Bank, VTB and others.
HTTPS protocol for browsing
Surfing the Internet is less risky with Hypertext Transfer Protocol Secure (HTTPS). It encrypts traffic passing between the PC and the site, prevents data leakage, reduces the possibility of hacking, but is not a guarantee of the security of the resource that the user visits.
Sometimes even verified and proven sites can be hacked. Through search mechanisms, attackers insert infected codes into the top lines of pages ("poison the search engine"), which makes the site infected with malware. Using the hyperlink control mechanism will prevent your PC from getting infected.
Free control tools (scanners) such as Web of Trust, McAfee SiteAdvisor, LinkScanner will help protect your computer from potential risks.
Complex passwords, which are very difficult to guess, can become reliable protection against physical penetration and use of data from a computer. You need to use a separate password for each account. It needs to use letters in different registers, numbers, special characters. Keepass password management software for Windows, Mac OS X and 1Password will help you manage passwords and generate new ones.
Refusal to use public PCs and wireless networks
Using public PCs carries enormous risks of personal information leakage, malware infection, network movement control, password collection, and virus spread. Public Wi-Fi networks may contain settings that make their users vulnerable to the leak of personal data, accounts. It is advisable to avoid using these resources to avoid becoming a victim of identity theft.
If you cannot do without connecting to a public network, you should not conduct banking operations using them, register on various sites, or buy any goods and services.