Someone living in a cave in the farthest corners of the world may not know that attacks on computers and the internet continue to escalate, but I wouldn’t bet on it. The problem has become so pervasive and so costly that it is a source of more cussing and discussing than anything except sex and the weather, and weather may not even make the cut.

A series of recent virus attacks are directed at insecure computers around the world, and some estimates place the number of compromised computers in excess of ten million. The number of compromised computers could be (and probably is) substantially higher.

There is (at least) a two-fold danger in this fact that should raise red flags in every business that has computers. The first danger is of course, whether any of your computers have been compromised. The second more general concern is how those compromised computers will be used. If there is one thing you can be sure of, the compromised systems most certainly will be used, or more correctly, “abused.”

Network and Internet security have become big business, however there are some basic actions that can be taken to improve security that are no-cost or low-cost. A summary of the simplest steps to take would have to include the following:

Ensure that you password protect your machine. This includes log-on passwords, email passwords and other access account passwords. They should be eight random characters and should emphatically not be a word or name. Use a mnemonic to assist you in remembering them. An example would be “My Birthday Is May 20 With Cake.” The password would be mbim20wc. Use upper and lower case as a mix to make the password stronger.

Routinely update your virus definition files. You are not running a virus scanner? The words “criminal” and “negligence” immediately pop to mind. If you are running a business, and not running a virus scanner on any computer your are using to connect to the internet, you may well be exposing more than your network. You may be exposing your company to lawsuits or even criminal prosecution.

As widely known as the problems with hacking and spamming have become, it seems that some smart lawyer out there will eventually make the case that the failure to take even the most basic precautions is criminal negligence.

Routinely update your operating system and applications with vendor supplied security patches. Mostly this refers to Microsoft products, of course, but the issues are not limited to Microsoft software. Make sure you are on any vendor mailing lists that are used for customer notification of security updates.

Don’t bypass all your network security by installing a wide open (unprotected) wireless network. This is one of the biggest security holes in business networks today. What good is your firewall if you open a door behind it? Answer: none. At a minimum you must set the ESSID of the radio/wireless router away from the factory default.

Install an effective software firewall on each workstation. It can be annoying when your firewall interferes with browsing the internet, but that is far more endurable than a complete security meltdown.

There are any number of schemes to illicitly access your computers, and by no means are the perpetrators all interested in what is on your computer as far as content. Rather your computer becomes another tool with which to expand the abuse of the internet for financial gain (spamming, hacking, distribution of pirated software and videos, etc) or out of pure destructive vandalism simply for the sake of vandalism (DDOS attacks, etc.). The focus of all of the attacks is to gain access to and a degree of control of your computer, without your permission, and without your awareness.

If you have not already done so, you should take the minimum steps earlier discussed. At the very least, update your patches, update your virus software, and make sure your computer has not already been compromised. To do any less is simply not an option a good business leader should entertain.

(Editor’s Note: Jim Kendall is the owner of Telebyte Northwest, Kitsap County’s oldest Internet Service Provider. He can be reached at (360-613-5220)