Tips for Windows 7 Users

CREATE A WIRELESS HOTSPOT 

With some free software, you can convert your Windows 7 laptop (or desktop with a Wi-Fi card) into a wireless router to share internet with others. Just get Connectify (www. connectify.me) or Virtual Router (http://virtualrouter.codeplex.com) to enable this feature. Connectify and Virtual Router will not work on older editions of Windows.

VIRTUAL WINDOWS XP There are several reasons why you would want to run Windows XP virtually within Windows 7. Maybe you have programs that only work in XP or maybe you're nostalgic. Whatever your reasons, you can download the necessary files from http://goo.gl/DCOSq.

WINDOWS MEDIA CENTER
Windows Media Center (built into Windows 7 Home Premium, Professional, Enterprise and Ultimate editions) offers more than just multimedia. It offers a 10 foot interface so that you can connect your PC to a TV and enjoy your content on a larger screen. Plus, it displays album art nicely and can stream all sorts of free content.

PLAY NICE WITH XBOX 360
If you have a Xbox 360 connected to the same network as your Windows 7 PC, you can use Windows Media Center (WMC) to stream photos, music and videos. On the Xbox, note down the 8-digit key from the WMC section in Apps. In WMC, click Tasks > Add Extender and enter the 8-digit key. Now you can access content on the Xbox.

LAUNCH APPS QUICKLY

Users of older editions of Windows probably don't know that with Windows 7, you can launch programs by just typing their name. Just click the Start button, start typing the name of the program you want to launch and the results will appear real time as you type. Just highlight the correct one and hit the enter button.

PLAY GOD FOR YOUR PC

There are various settings available for Windows 7, sometimes in various places (like control panel, personalization, network settings menu and so on. With God Mode, you can have all settings in one place. Create a folder & name it GodMode. {ED7BA470-8E54-465E-825C-99712043E01C}. 

THE PROBLEM STEPS RECORDER
Sometimes when something goes wrong with your PC, you could spend all day trying to figure out the problem. Instead, use the Problem Steps Recorder to record what's going wrong and send it to someone more knowledgeable for a quick diagnosis. Click the start button and type PSR to bring up the Problem Steps Recorder (psr.exe) click on 'Start Record' and run through the problem again.

Java Security for Mobiles

The advent and popularity of Java has created a new paradigm: downloaded content can now also be executable. Java developers have tried to address security by implementing a few mechanisms, which are supposed to remove the risks of executing untrusted code:

• Memory access.
• The Java Sandbox.
• The Byte-code Verifier.
• The Applet Class Loader.
• The Security Manager.

Memory Access
Java developers have often promoted Java as a secure language. At the lowest level, security goes hand in hand with robustness. Java programs cannot:

• Forge pointers to memory
• Overflow arrays
• Read memory outside the bounds of an array or string

These features are supposed to be the main defenses against malicious code. It has been argued that by disallowing direct access to memory, a huge, messy class of security attacks is ruled out.

Byte-code Verification
The second line of defense against malicious code is the byte-code verification procedure that the Java interpreter performs on any untrusted code it loads. The verification procedure should ensure that the code is well formed. For example, it should not overflow or underflow the stack or contains illegal byte-codes. If the byte-code verification step was skipped, inadvertently corrupted or maliciously crafted byte-codes might be able to take advantage of implementation weaknesses in a Java interpreter.

Java Sandbox
Another layer of security protection is commonly referred to as the sandbox model: untrusted code is placed in a sandbox, where it can play safely and without doing any damage to the real world, or the full Java environment. When an applet or other untrusted code is running in the sandbox, there are a number of restrictions on what it can do. The most obvious of these restrictions is that it has no access to the local file system.

Security Manager
The Security Manager class enforces a number of other restrictions. All the core Java classes that perform sensitive operations, such as file system access, first have to ask permission of the currently installed security Manager. If the call is being made by untrusted code, the security manager throws an exception, and the operation is not permitted.

The Dangers of Mobile Code

Because of the universal use of e-mail and world wide web, it is impossible for any security administrator to guarantee that no malicious external files, programs or data will reach the internal network. Primary culprits for web-based intrusions are applications using the Java and ActiveX programming languages. These languages allow Web sites to incorporate programs that users can run on their computers, in other words: remotely compiled programs are executed locally. It is not surprising that one should be rather nervous about executing untrusted code on one’s private network or machine.

Java
Java is a high-level, object-oriented, general-purpose programming language that took the Internet by storm, because it was one of the first technologies that could animate Web pages and make them interactive. Designed by Sun Microsystems in 1990, it is similar to C++, but it eliminates many language features that can cause common programming errors. Java source code files (files with a .java extension) are compiled into a format called byte code (files with a .class extension), which can then be executed by a Java interpreter. Java can be used to develop complete applications, called Java applets, which can perform a variety of tasks from the same Web page:

• Animations. 
• Games. 
• Charts. 
• Interactive programs. 

Let us see how this works in a Web browser on a desktop computer. References to Java software are embedded on a web page, which can be stored on a local disk or on the network. When the browser sees these references, it performs the following procedure:

• The Java software, i.e. the applet, is loaded. 
• The applet is then processed by the Java Virtual Machine (JVM), which is built into the browser. 
• This JVM does stringent security checks. 
• The JVM runs the applet, which appears and interoperates inside the browser. 
• The computer's operating system provides machine-specific support for many of the actual operations and interactions.

Threats to the home computers

A threat, for information security, is any activity that represents possible danger to user’s information. Intruders want the information stored by the users which are personal and sensitive, such as credit card numbers, PINs, passwords etc. By stealing this information the malicious intruders commonly referred to hackers may gain financially. The intruders also use the resources of the compromised systems for their own purposes and for attacking other computer systems connected to the Internet. Recent trends in computer security threats show that the attackers are compromising the home computers and installing malicious code such as Bots in these systems, which may then be used as Zombies to further launch large scale attacks on critical information systems. This type of attack is known as Distributed Denial of Service (DDOS).


Vulnerabilities in home computer
A vulnerability is a weakness in user’s information security that could be exploited by a threat; that is a weakness in user’s system and network security, processes, and procedures.

Computer vulnerability is flaw in the computer system. Which when exploited allows intruder to compromise the system’s integrity. The common types of vulnerabilities are logical errors in operating system or applications due to poor coding techniques, allowing intruder to exploit them and giving him heightened access to the user’s computer.

Various security tools are available to secure the system like firewalls etc. These tools provide excellent security mechanism but having flaw in design that could lead to security breach. The term “security through obscurity” fits into this arena, being the system is secure because nobody can see hidden elements. All types of file encryption come under this category. By means of encrypting the data an additional layer of protection is being added to the computer system.

In case a system is compromised, the critical data is still protected by encryption. And the intruder may not be able to steal the information from the hacked system.

Some Frequently Asked Questions about Computer Problems

Question 1: Why doesn’t my computer run as fast as it did when it was new? 

Answer: When you use your computer, you create files, install software, browse the Web and do a lot of other stuff. Windows works in such a way that pretty much everything you do creates temporary files and writes into the Windows registry. As time goes by, some registry entries become corrupted, temporary files don’t get deleted, and the list of programs launching on Windows boot grows. All this clutter makes your computer slow. 

Question 2: Why does the registry keep getting corrupted? 

Answer: The registry is a very complicated database that contains hundreds of entries. Every time you uninstall or update software, update your drivers, or even simply update Windows, registry entries are updated as well. Sometimes things go wrong and the registry gets updated incorrectly. As a result, some registry entries become corrupted or empty. A good registry cleaner can fix this. 

Question 3: How to get rid of unwanted bloatware? 

Answer: Getting rid of bloatware is easy you just need the right tools. To remove junk files and other debris, simply run disk cleanup, registry cleanup, remove unneeded startup entries, uninstall software you don’t use (like expired trial software), and finally use a duplicate file finder to get rid of duplicate files. 

Question 4: How do I make my PC boot faster? 

Answer: There are many ways to make your PC boot faster, but the easiest one is to remove unnecessary startup entries. You can use a startup manager to view the list of programs running on system startup and disable things like IM programs, toolbars, launchers, and players. 

Question 5: How to remove remnants of old programs that were uninstalled in the past? 

Answer: Leftovers from uninstalled programs are easy to remove. Just run a registry cleaner to get rid of empty keys and missing references and then go to your Program Files folder and remove empty folders (hover your mouse pointer over the folders and delete the ones that have 0 byte size). 

Are Home Computers are Safe?

This document is intended to prescribe basic guidelines to the home computer users working with computer systems running Windows Operating System. The basic purpose of this document is to create awareness about computer security issues among home computer users and suggest them the tasks to be performed to secure their computer systems to protect their information assets.

Why Home Computers?
Home computers are typically not very secure and are easy to break-in. When combined with high-speed Internet connections that are always turned on, intruders can quickly find and then attack home computers. While intruders also attack home computers connected to the Internet through dial-in connections, high-speed connections (cable modems and DSL modems) are a favorite target. There may not be important data stored on the home computers but they are targeted by the intruders for launching attack against other computer systems.

How attackers do it?
In general, attack vectors which attackers use are:

• Through E-mail
• Through Un-trusted Websites
• Through Internet Shares

In some cases, they send email with a virus. Reading that email activates the virus, creating an opening that intruders use to enter or access the computer. In other cases, they take advantage of a flaw or weakness in one of the computer program’s vulnerability to gain access. Once they’re on the computer, they often install new programs that let them continue to use the computer even after user plug the holes they used to get onto user’s computer in the first place. These are known as “backdoors” and are usually cleverly disguised so that they blend in with the other programs running on user’s computer.

What is Information Security?

Information security can be explained by the help of following example. If company sells bottled water purified using the process of reverse osmosis, the process is well known, and therefore it does not make good business sense for management to protect that information. However, if that company has a revolutionary process that cuts the cost and time for water purification in half, it would make sense to secure that information. There is a limit to the value of implementing protection so user must combine his knowledge of value, threats, vulnerabilities, and risks to put together a feasible plan.

Information security involves the measures and controls that ensure confidentiality, integrity, and availability
of the information processed by and stored in a computer or system.

Confidentiality: Ensures that information is accessed only by authorized personnel.
Integrity: Ensures that information is modified only by authorized personnel.
Availability: Ensures that information and systems can be accessed when needed by authorized personnel.

This practice include policies, procedures, hardware and software tools necessary to protect the computer systems and the information processed, stored, and transmitted by the systems.

When the user combines efforts to provide data confidentiality, data integrity, and data availability with physical security, then he can provide a very effective security solution.

Threats to home computers

A threat, for information security, is any activity that represents possible danger to user’s information.

Intruders want the information stored by the users which are personal and sensitive, such as credit card numbers, PINs, passwords etc. By stealing this information the malicious intruders commonly referred to
hackers may gain financially. The intruders also use the resources of the compromised systems for their own purposes and for attacking other computer systems connected to the Internet. Recent trends in computer security threats show that the attackers are compromising the home computers and installing malicious code such as Bots in these systems, which may then be used as Zombies to further launch large scale attacks on critical information systems. This type of attack is known as Distributed Denial of Service (DDOS).

Vulnerabilities in home computer
A vulnerability is a weakness in user’s information security that could be exploited by a threat; that is, a weakness in user’s system and network security, processes, and procedures.

Computer vulnerability is flaw in the computer system. Which when exploited allows intruder to compromise the system’s integrity. The common types of vulnerabilities are logical errors in operating system or applications due to poor coding techniques, allowing intruder to exploit them and giving him heightened access to the user’s computer. Various security tools are available to secure the system like firewalls etc. These tools provide excellent security mechanism but having flaw in design that could lead to security breach. The term “security through obscurity” fits into this arena, being the system is secure because nobody can see hidden elements. All types of file encryption come under this category. By means of encrypting the data an additional layer of protection is being added to the computer system. In case a system is compromised, the critical data is still protected by encryption. And the intruder may not be able to steal the information from the hacked system.

Malicious Code

Malicious code, or malware, is a common name applied to all forms of unwanted and destructive software, such as viruses, worms, and Trojans. The best way to protect from malicious code is to install virus scanners and keep virus definition (signature) files current.

Virus: A virus is malicious code that infects or attaches itself to other objects or programs. All viruses have some form of replication mechanism, which is how they propagate.

Worm: A worm is malicious code that replicates by making copies of itself on the same computer or by sending copies of itself to another computer. Worms, unlike viruses, do not infect other program files on a computer. All worms have some form of replication mechanism, which is how they propagate. A worm does not require any host program unlike virus to execute, they can run independently.

Trojan: A Trojan horse is seemingly useful (or harmless) programs that perform malicious or illicit action then activated, such as destroying files. For example, user downloads what appears to be a movie or music file but he unleash a dangerous program which can erase in disk or can send his credit card numbers or password files to intruders. These backdoor programs may also open certain ports on user computer allowing unauthorized access to user computer.

The malicious code usually propagates through email attachments.

Key loggers

Key loggers are software application (or hardware based as well) which are able to capture the key logging events and can mail them to remote intruder via email. These are invisible and undetectable to users so there is a huge risk of sending important information such as credit card numbers passwords to the remote intruders. The set program can be combined with useful applications like that whenever user install that application the key logger program also get installed along with that application.

Bots
The term Bot is derived from the word “Robot”. Robot comes from the Czech word "robot," which means "worker". In computer world Bot is a generic term used to describe an automated process.

Bots are being used widely on the Internet for various purposes. Bot functionality may vary from search engines to game bots and IRC channel bots. Google bot is one such famous search bot, which crawls through the web pages on the net to collect information and build database to enable variety of searches. Computer controlled opponents and enemies in multiple player video games are also a kind of bot, where the computer process tries to emulate the human behavior.

However, the usage of bots is not limited to good purpose only. Bots are widely used to perform malicious activities ranging from information stealing to using as a launching pad for distributed attack. Such software’s gets installed on user’s computer without their knowledge. Some bot infected machines, pass the control of the machine to a remote attacker and act as per the attackers command. Such machines are popularly known as zombie machines.

Adware and Spyware
Adware is 'freeware', whereby ads are embedded in the program. These ads will show up whenever user opens the program. Most adware authors provide the free version with ads and a registered version whereby the ads are disabled. As such, the users have the choice, either to use the freeware with ads served or purchase the registered version. Spyware, as the name suggest is the software installed on user’s computer which is constantly sending user information to the mother website.

Spyware, however, is published as 'freeware' or as 'adware', but the fact that an analysis and tracking program (the 'spyware' agent, which reports user’s activities to the advertising providers' web site for storage and analysis) is also installed on user’s system when a user install this so-called 'freeware', and this is usually not mentioned. Even though the name may indicate so, spyware is not an illegal type of software. But what the adware and spyware providers do with the collected information and what they're going to 'feed' the user with, is beyond his control. And in some cases it all happens without the user’s consent.

Blocking and unblocking USB Ports

If you think that USB flash/pen drives are infecting your system with virus, then try to block all USB ports so that your system will not accept any USB flash/pen drives.

To do this

Type “REGEDIT” in RUN command window or if you are using latest Windows operating system you can type in Start up menu down run bar.

Then it opens system registry.

Now browse the Registry like this;

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\USBSTOR

Now Click mouse in the right side pane and double click on the registry key START and change the DWORD value as 4.

Now you can restart your computer to get effect of the changes in registry. Your USB devices are not accessible because your system USB ports are blocked.

By default DWORD value is 3.

To make your USB ports accessible do the same steps and change the value back to 3 (default value).

And restart your computer to check the effects.

Using BIOS

You can block USB ports even from BIOS setup itself.

This is very safe and effective.

To do this:

Start your computer and press ESC, F6, F8, F12 as mentioned in user manual to enter in BIOS Setup.

Once you enter in to BIOS Setup

Select “Advanced Options”

And check for the “External USB Ports” option DISABLE/ENABLE will be available.

Just change the option to DISABLE by using  + or – keys from your key board.

Restart your computer and check it.

Again when ever you want use USB Ports then goto BIOS Setup “Advanced Options” Change the “External USB Ports” option to default EANBLE by using  + or – keys from your key board.

Internet Farming

Are you fade up with ads when you open your browser?

Do you want to stop those disturbing ads appear in your browser window?

Now you can stop it, just ad most popular “ad block” extension to your Google chrome browser. That’s all! Now disturbing ads will be blocked by Google chrome. According to Google this extension is used by almost 20 million internet users’ world wide.

Screen Shots

Taking screen shots from OS level is known by everyone. Now Google providing a extension called “Awesome Screenshots”, now ad this extension to your Google chrome browser. It provides you screen shots in different shapes and in .png format.

Better English

Are you preparing some documents to publish on internet? Just wait, there is a extension called “ginger” provided by: www.gingersoftware.com as free tool, anyone can download it for personal use. It will help people who are weak in English writing and preparing documents support in spell check, grammar check and also help the users to write better English.

Tabs View

People who open many tabs while browsing the internet using Google Chrome browser. It supports internet users to open and to preview those tabs. This feature can be added to browser as extension “Too many Tabs”.

Translation

Google providing translation facility in chrome for many international and local languages by extension called “instant Translate”. Internet users can use this extension to get translate web pages from other languages to local language.

Photo Editing

Now Google Chrome providing another extension called “befunky” to edit (cut, rotate, adjustment) your online photos. This extension is providing 190 effects in photo editing.

Make web data as e-book

While browsing internet user may think some web pages are having more important data and while browsing internet it may not be possible to read the data. In this scenario Google chrome provides user an excellent extension called “dotepub”. Which convert web pages data into e-book and users can download it, save it and read it while offline.

Convert Videos

Smart phone users can down load videos from you tube and convert them in to smart phone compatible video format like; MP3, MP4, AV1, WMV, 3GP. This extension is available in www.freemake.com/free_youtube_converter as free tool.

Time and Weather Report

To display time and weather and other information use “Currently” extension in Google Chrome, so every time when you open the browser you will see them in the fresh browser window.

Identify Threats and Security

Identity theft

The fraudulent acquisition and use of person’s private identifying information, usually for financial gain. It can be divided into two broad categories:

Credit card fraud

Credit card frauds committed by making use of credit/debit card of others for obtaining goods or services. The threat emerge due to stealing of information like Credit card number, PIN number, password etc. Theft of cards and cloning of cards are also employed to commit such frauds. Hackers use complex techniques like Phishing, Skimming etc. to gain credit card information from innocent users.

Phishing

Phishing is a way of attempting to acquire information such as usernames, passwords, and credit card details by masquerading as a trustworthy entity in an electronic communication. Phishing is typically carried out by e-mail spoofing or instant messaging and it often directs users to enter details at a fake website whose look and feel are almost identical to the legitimate one.

Skimming

Skimming is the theft of credit card / Debit card information. Thief can procure victim's credit card number using basic methods such as photocopying receipts or more advanced methods such as using a small electronic device (skimmer) to swipe and store hundreds of victim’s credit card numbers. Common scenarios for skimming are restaurants or bars where the skimmer has possession of the victim's credit card and makes note of card details for further use.

Vishing

It is one of the method of social engineering over the telephone system, most often using features facilitated by Voice over IP (VoIP), to gain access to private personal and financial information from the public for the purpose of financial reward. The term is a combination of  “voice” and “phishing” is called as “Vishing”.

Social Engineering

Social engineering involves gaining trust hence the fraudster poses as a member of staff or even security guard. The fraudster would then ask the customer to check the card for damages. The fraudster would have gained confidence from his prey using various tactics such as offering assistance to the customer who perhaps would have tried to use the ATM without success or perhaps the customer who is not familiar with use of ATM machine and requires assistance.

Steps to be followed before Credit card & Debit card/ATM card usage 

•         Whenever you receive the card from the bank make sure the mail is completely sealed and there is no damage.
•         Whenever you receive the card from the bank immediately sign on the card.
•         Try to cover the last three digit number on the card.
•         Register your phone number to check the account transactions.
•         Change the pin number immediately.

Secure usage of credit/Debit cards at Shopping malls and Restaurant

• Always keep an eye how the vendor swipe your card.
• Always make sure that the transactions happen at your presence.
• Never sign a blank credit card receipt. Carefully draw a line through blank portions of the receipt where additional charges could be fraudulently added.
• Don’t give away your personal information in the survey forms given in restaurants/shopping malls.

USB Device Security

USB (Universal Serial Bus) storage devices are very convenient to transfer data between different computers. You can plug it into a USB port, copy your data, remove it and be on your way. Unfortunately this portability, convenience and popularity also brings different threats to your information.

Data thefts and Data leakage are everyday news now! All these can be controlled or minimized with care, awareness and by using appropriate tools to secure the information. The tips and recommendations provided in this document helps you to keep your information secure while using USB storage devices.

Threats

1. The Conficker worm spreads via removable devices and drives such as memory sticks, MP3 players and Digital Cameras. 
2. Also 30 percent of new worms have been specifically designed to spread through USB storage devices connected to computers.
3. The Stuxnet worm was one of the year’s high-profile threats that spread through USB drives.
4. Malware Spreads through USB storage devices. Somebody may intentionally sell USB storage devices with malware to track your activities, files, systems and networks.
5. Malware may spread from one device to another device through USB Storage Devices using autorun.exe, which is by default enabled.

Unauthorized Usage

• Somebody may steal your USB Devices for Data.
• Somebody intentionally leave USB devices at your Desk or Place with Malware.

How to stop Data Leakage via USB Storage Device?

• Design and adopt a good security policy to limit the usage of USB Storage devices.
• Monitor the employees what they are copying.
• Implement Authentication, Authorization and Accounting to secure your information.

What to do when you lose the Device?

• If you have stored any personal or sensitive information inside the USB drive like passwords etc, immediately change all passwords along with security questions and answers provided during any account creation [There may be chances that hacker can retrieve your online account logon information by using data in the stolen drive].
• Also ensure that all security measures have been taken against the data lost.

How to secure USB Device?

• Always secure the drive physically by tagging it to a key chain.
• Never leave your drive unattended anywhere.
• Never keep sensitive information with-out encryption.

Types of Devices which supports USB:

• Card readers
• Mobile phones
• PDAs
• Digital cameras
• Digital audio players
• Portable Media Players
• Portable flash memory devices

Guidelines for usage of USB Devices

Do’s

• Always do low format for first time usage.
• Always delete the drive securely to clear the contents.
• Always scan USB disk with latest Antivirus before accessing.
• Protect your USB device with a password.
• Encrypt the files / folders on the device.
• Use USB security products to access or copy data in your USB.
• Always protect your documents with strong password.

For Small Business or Enterprises

• Monitor what data is being copied.
• Block the unauthorized USB from connecting.
• Pick the device with features and correct level of encryption to meet compliance requirements and organization needs.
• Educate employees on acceptable and unacceptable use of USB flash drives.
• Document policies so that users know who is authorized and what they are authorized to do.

Don’ts

• Do not accept any promotional USB device from unknown members.
• Never keep sensitive information like username/passwords on USB disk.

Mobile as USB

The mobile phones can be used as USB memory devices when connected to computer. A USB cable is provided with the mobile phone to connect to computer.

Do’s

• When a mobile phone is connected to a personal computer, scan the external phone memory and memory card using an updated antivirus.
• Take regular backup of your phone and external memory card because if an event like a system crash or malware penetration occurs, at least your data is safe.
• Before transferring the data to Mobile from computer, the data should be scanned with latest Antivirus with all updates.
• Remember to remove the USB connection from your computer before you walk away.
• Don’ts
• Never forward the virus affected data to other Mobiles.

Evolution of Cloud Computing

Enterprise organizations will likely experiment with cloud computing, carefully choosing projects that benefit from cloud’s features and cost benefits as they develop more formal cloud computing strategies.

The phases of the model include:
Test and development: This phase introduces cloud for proof of concept use. During this initial phase, IT becomes comfortable with server virtualization and gains experience with system performance, application response times, and technology stability.

Consolidation: This phase is highlighted by the migration of physical servers to virtual machines typically referred to as P2V. At this point, IT rapidly moves workloads that have been identified as viable candidates and gives them the green light for production usage on the virtualized infrastructure.

Enterprise: This phase is a significant milestone where the business chooses a virtualization platform for mission critical applications, standardizes data protection, implements disaster recovery, automates routine tasks, and meets SLAs. The goal in this phase is a near 100% virtualized data center.

Dynamic: In this phase, the IT infrastructure is tightly integrated with IT and business processes. As
Administrators apply security, performance, and availability policies, the virtualization platform responds automatically without manual interaction. This is the really the beginning of a true private cloud.

Cloud: The cloud or final phase provides a real time consumption model that meets the descriptions and definitions detailed previously. At this phase, business owners only pay for what they consume and can quickly provision and decommission resources as needed. Control shifts into the hands of the application owner, allowing for management of an extremely fluid environment that instantaneously responds to change across distributed resources regardless of whether they are owned or leased from or hosted by a third party. This entire process is completely transparent to the application and its administrators.

Cloud Computing Deployment Models

Just like the cloud services models, cloud computing can be deployed in a number of ways depending upon factors like security requirements, IT skills, and network access. The IT industry has outlined four cloud computing deployment models:

Private cloud: The cloud infrastructure is operated within a single organization. In this case, internal groups such as business units consume resources and services provided by a single internal (i.e., the IT department) or external cloud computing provider.

Community cloud: A community cloud is a superset of a private cloud. The cloud supports the needs of several or an extended community of organizations. Again, community clouds can be built and operated by members of the community or third party providers.

Public cloud: The cloud infrastructure and services are available to the general public. Examples of public clouds include Amazon Elastic Compute Cloud (EC2), Google App Engine, Microsoft Azure or Terremark Cloud Computing services.

Hybrid cloud: The cloud infrastructure amalgamates private or community clouds with public clouds. In this case, private or community cloud services have the capability to extend or “burst” to consume public cloud resources.

Cloud Computing Consumption Model

At the most fundamental level, cloud computing provides flexible real time access to a shared pool of computing resources (e.g., networks, servers, storage, applications, and services). Indeed, one of the main attractions of cloud computing is its capability to provide on demand IT resources and services offering rapid provision and de provisioning as well as “pay by the drink” pricing.

Cloud computing as having the following essential characteristics:

On demand self service: A consumer can unilaterally provision computing capabilities such as server time and network storage as needed. This can happen automatically, without human interaction, system administration, or service provider support.

Broad network access: Capabilities are available over the network and accessed through standard mechanisms that promote use by heterogeneous thin or thick client platforms (e.g., mobile phones, laptops and PDAs).

Resource pooling: The provider’s computing resources are pooled to serve multiple consumers using a multi tenant model, with different physical and virtual resources dynamically assigned and reassigned according to consumer demand. There is a sense of location independence in that the customer generally has no control or knowledge over the exact location of the provided resources, but may be able to specify location at a higher level of abstraction. Examples of resources include storage, processing, memory, network bandwidth, and virtual machines.

Rapid elasticity: Capabilities can be rapidly and elastically provisioned, in some cases automatically, to quickly scale out and then rapidly released to quickly scale in. To the consumer, the capabilities available for provisioning often appear to be unlimited and can be purchased in any quantity at any time.

Measured service: Cloud systems automatically control and optimize resource use by leveraging a metering capability at some level of abstraction appropriate to the type of service (e.g., storage, processing, bandwidth, and active user accounts). Resource usage can be monitored, controlled, and reported providing transparency for both the provider and consumer of the utilized service.

Cloud Computing Services Model

Cloud based IT resources can be consumed for various reasons in myriad ways. That the IT industry has really rallied around three standard cloud computing services models:

Infrastructure as a service (IaaS): This is really the most basic cloud service model, aligning the on demand resources of the cloud with tactical IT needs. In this way, IaaS is similar to managed services offerings of the Internet era (i.e., hosting services, storage service providers (SSPs), etc.). The primary difference is that cloud resources are virtual rather than physical and can be consumed on an as needed basis. In other words, enterprise consumers pay for virtual machines (VMs), storage capacity, and network bandwidth for a variable amount of time rather than servers, storage arrays, and switches and routers on a contractual basis. Typically, enterprises have no control over the underlying cloud technology. As described above, IaaS can be utilized as a temporary resource or used for years at a time. IaaS prices are based upon two factors: IaaS resource consumption and the duration of use.

Platform as a service (PaaS): Simply stated, PaaS provides the capability to build or deploy applications on top of IaaS. Typically, a cloud computing provider offers multiple application components that align with specific development models and programming tools. For the most part, PaaS offerings are built upon either a Microsoft based stack (i.e., Windows, .NET, IIS, SQL Server, etc.) or an open source based stack (i.e., the “LAMP” stack containing Linux, Apache, MySQL, and PHP).

Software as a service (SaaS): In this model, an entire business or set of IT applications runs in the cloud. Enterprise consumers outsource the entire underlying technology infrastructure to a SaaS provider and thus have no responsibility or management oversight for SaaS--‐based IT components. Users typically access these applications over the Internet through a thin client interface such as a Web browser. SaaS examples include Gmail from Google, Microsoft “live” offerings, and salesforce.com.

There is no hierarchy in these service offerings; rather, CIOs can choose any or all cloud service offerings that fit their needs.

Cloud Computing

What is cloud computing anyway? Skeptics might say it is nothing but industry hyperbole and visionaries might say it is the future of IT. In reality, both statements are true.

Large organizations are adopting cloud
Cloud computing builds upon current IT trends like data center consolidation and server virtualization. Enterprises will follow a pragmatic path to the cloud by adopting new technologies, transitioning from physical to virtual IT assets, and adapting existing IT best practices to a new dynamic world.

The network acts as the foundation for cloud computing
Cloud computing moves Web based applications to the Internet inexorably tying user connectivity and productivity to networking equipment. Of all networking technologies available, WAN optimization will play a major role in the transition to the cloud. As this happens, WAN optimization must become a virtual service, support mobile users, support innovative applications and protocols, and provide network visibility at a lower level.

Demystifying Cloud ComputingLook at any technology magazine or go to any IT trade show; regardless of where you look, everyone is talking about cloud computing.

ESG believes that a detailed characterization of cloud computing must include three things:

The consumption model: Cloud computing offers a unique way to consume compute, network, and storage resources.

The services model: Cloud computing can be used as a platform for different activities up and down the technology stack.

The deployment model: Cloud computing is not a one size fits all platform. Rather, there are numerous ways to deploy and utilize clouds.

How to make Folders Inaccessible by everyone ?

To make your folders inaccessible
1. Open cmd.
2. Change to the directory where your folder is located. cd <dir_name>
3. cacls <directory name> /e /p everyone:n
4. Now noone, including you can not open or delete that folder/directory.

To remove the restrictions, again follow from step 1 and 2.
5. cacls <directory name> /e /p everyone:f
Thats it. Now you can protect your folders from unauthorised access.

How to hide drives for your security & privacy ?
Hide your Drives for security & Privacy. This is a great trick you can play on your friends. To disable the display of local or networked drives from your computer follow the steps.

Go to Start-> Type regedit in the Run command window

Now it opens the Registry, do these things very carefully
Click on HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer
Now in the right pane of the Registry click right mouse button and select DWORD to create a new DWORD item and give name as NoDrives (it is case sensitive).
Now modify DWORD (NoDrives) value and set it to 3FFFFFF (Hexadecimal).

Now restart your computer, now when you click on My Computer no drives will be shown!

To display the drives in My Computer window
Repeat the 1 and 2 steps
Now delete the DWORD (NoDrives) shown in the Registry right pane.

Again restart your computer. You can see now all the drives displayed again.

How to track your documents

If you've ever tried to track changes made by different people on a Word document, you'll realize the potential of TitanPad (www.titanpad.com). TitanPad is an online document editor which several people can work on simultaneously.

Rather than the confusing strike throughs , squiggles and comments that you'll see on a tracked MS Word document on a TitanPad page changes are highlighted in different colors each person who makes changes gets a different color for easy identification. No one needs to sign up, just open the website and create a Pad of your own.

You can import text from a text file, Word document, RTF file or HTML file otherwise just start typing from scratch new document. This document will be given a new color. Each Pad will have a unique URL which you can share to invite others. Anyone who joins can write their name and they'll automatically get assigned a color.

Other cool features include an infinite undo (using the Ctrl + Z shortcut or a toolbar button), a time slider (that shows you the time and date of each revision) and a full screen mode.

Finally, once the document is ready now you can download (exported) either as a Word file, HTML file, PDF, plain text or an open document. Now if anyone uses your document it can be traced easily.

Remove Write Protection from USB Drives

Sometimes your pen drives (Flash Disk) or your friends pen drive may have right protected. To remove the right protection for pen drive, follow these steps:

Step1. Click Start > All Programs> Accessories> Command Prompt

It open Command prompt black screen.

Step2. Now type “diskpart” command in the command prompt and press ENTER key.

Example: C:\>diskpart

Step3. Now type “list disk” command in the command prompt and press ENTER key.

Example: C:\>list disk

Step4. Now type again as “select disk 1” command in the command prompt and press ENTER key.

Example: C:\>Select disk 1

Step5. Now type “Attributes disk clear readonly” as it is in the command prompt and press ENTER key.

Example: C:\> Attributes disk clear readonly



To make write protect your pen drive:

Repeat the above 1,2,3,4 steps and then

Step5. Now type “Attributes set readonly” as it is in the command prompt and press ENTER key.

Example: C:\> Attributes set readonly

Now your pen drive is right protected!

How does a Windows operating system get crash

Crashes aren't just a part of using Windows operating system. If your PC consistently crashes there must be some reasons. Let's take a look at the most important reasons why Windows crashes frequently.

Problem of Memory or Motherboard

Many crashes, particularly those that result in a Blue Screen Of Death (BSOD), occur because of a memory or motherboard issue. This can result in a Fatal Exception Error, which means data that stored in memory could not be retrieved. You can test memory with a utility like Memtest86 or, in some cases, a built-in motherboard diagnostic tool. Another way to test is to simply swap in new memory and see if the issue goes away. If it does not, and the RAM you installed was correct, the motherboard may be the issue.

Improper BIOS Settings

Most motherboards come from the factory with default settings are compatible with many PC brands. Sometimes these settings might be altered by the PC's manufacturing company or individual. The settings should stick but they'll revert to default if the CMOS battery goes flat. That can cause your boot order to be re-arranged or put different components in conflict. Another common problem with boot order is a high placement of USB or CD-Drives. If you leave USB drive plugged in to your PC, and the BIOS is set to boot from USB first, your PC will not boot properly. You can change the boot order or simply remove the offending drive.

Corrupt PC Registry

The Windows Registry doesn't run into problems like it used to, but issues are still possible. A corrupt registry can cause a computer to crash or may prevent it from booting properly. Quality registry fix software can often fix this problem. If your computer will not boot properly try to run Windows in Safe Mode and run the software from there.

Corrupt Driver Software’s

All driver software tells to computer hardware what to do and how to do. If they aren't working properly they can cause crashes of operating system, even if the hardware is in perfect condition. Crashing of operating system of this type usually associated with an error message. Sometimes the error message will clearly name the offending hardware. If it does not, try running the message through Google to see if that helps you find the culprit. Once the hardware driver with a problem is identified you can search online for an updated driver and install it. If the problem persists, try completely uninstalling the driver and then re-installing it from scratch.

Hard Disk Drive (HDD) Problems

A hard disk drive failure causes of boot problems. If your computer mysteriously loses its ability to find the boot drive, but BIOS is properly configured, a hard disk drive issue is the culprit. Hard disk drive issues are also often behind crashes that occur only when opening a specific file. If you can still boot to the drive try running a free hard drive test to see if there's any obvious issues. A healthy report should give you cause to look else where for the problem, but a bad report means your drive has serious problem.

PC Hardware Conflicts

Windows can sometimes crash if it is receiving conflicting information from different pieces of hardware. This is called as a hardware conflict. You can see if there's a hardware conflict by opening the Device Manager. If a conflict exists it will be visible in this utility with a yellow and black exclamation icon. Take a look at the hardware that is conflicting and view its properties through the right-click menu to find more information. Sometimes the issue is caused by driver software. In other cases it can be caused by BIOS bad configuration or faulty with PC hardware.

May be Virus or Trojans

A virus or Trojan can cause serious problem to a PC. It might corrupt or remove drivers, delete important system files or change administrative settings. All of these can cause unexpected crashes in the operating system. Any fight against malware is usually lost the moment you notice it. The problem is that, once it's taken hold on your system, it's very difficult to trust that the methods you'd normally use to diagnose your PC are working as they should. The best way you can do is downloading a trusted antivirus and start scanning. If you can't seem to root out the malware you can format the hard disk drive and re-install Windows fresh. Then install latest anti-virus software with internet and firewall security to avoid attacks of virus, Trojans and malwares. Take your system backups in regular intervals.


Power issues

In some cases a persistent crash issue, particularly a random reboot or a BSOD caused by hardware you've verified to be working properly, is the result of a power issue. You should only turn to this possibility if you've eliminated all other possibilities. There are two potential causes to address. The most common problem is power supply, this problem with the supply that reduces the power it can deliver, or causes an uneven flow of power, can result in otherwise unexplainable crashes. The only solution for this problem is to replace the power supply.


System Software

Most of the system software errors will not cause Windows to crash. Both the operating system and the software that runs on the PC might have become more reliable over the years. But still, software issues can cause random lock-ups. The culprit is often obvious because the problem only occurs when that software is used. It will be less obvious if the problem software is running in the background.

In rare cases your PC might stop on boot because of software that runs automatically. You can usually resolve this by booting to safe mode and using msconfig to disable software that runs at boot.

The TEN Commandments of Facebook

Posting certain photos or information on the site puts you at risk of being fired, a victim of crime, or even worse. There are computer programs called 'data mining' that sweep Facebook to collect dates of birth, phone numbers, addresses etc. Here are the things you should never post on Facebook.

Date and place of birth: This places you at massive risk of identity theft. They are the most commonly used security questions on password resetting sites.

Mother's maiden name: A lot of sites use your mother's maiden name to authenticate who you are. They also commonly use the school you went to as a security question.

Address: It again puts you at risk from identity fraud, but also from burglars and stalkers.

Holidays: Don’t put any update about your holiday or outing that means you are basically saying: "Come and rob me."

Short trips away from home: Again, this can put you at risk of burglary and stalking.

Inappropriate photos: Don't post racy, illicit, offensive or incriminating photos. Bosses and prospective employers are increasingly looking at Facebook pages.

Confessionals: These can also get you fired or haunt you for the rest of your life.

Phone number: Unless you want to be bombarded with unsolicited phone calls from people trying to sell you something don't.

Children's names: These can be used by identity fraudsters or, more sinisterly, by paedophiles. It is much easier to steal a child's identity.

Don't post a full public profile: It won't just exist on Facebook, it will go on any internet search such as Google. Only give the bare bones such as a name. Keep everything else private.

The TEN Most Common Database Vulnerabilities

Protecting databases is hardly an easy task, but it is often the attacks that go after the simplest vulnerabilities that are most successful.

The common thread in this list is that databases security and their configuration is not a fire-and-forget operation for database administrators. Organizations must continually assess packages to determine if they are really necessary and disable those they don't need to reduce attack surfaces. They need to be vigilant about keeping on the lookout for default or weak log-in credentials. They have to put sound privilege and authentication practices into play. And most important, they need to patch regularly.

1. Default, Blank, and Weak username/password

It might be a daunting task at an organization that has to keep track of hundreds or even thousands of databases. But removing default, blank and weak log-in credentials is an important first step to change your database default username/passwords. The bad guys are keeping track of default accounts, and they'll use them when they can.

2. SQL injections

When your database platform fails to sanitize inputs, attackers are able to execute SQL injections similar to the way they do in Web-based attacks, eventually allowing them to elevate privileges and gain access to a wide spectrum of functionality. A lot of vendors have released fixes to prevent these problems, but it won't do much good if your DBMS remains unpatched with latest updates.

3. Extensive User and Group Privileges

Organizations need to ensure privileges are not given to users who will eventually collect them like janitors collect keys on their key chains. Which can be managed collectively more easily than if users were assigned direct rights.

4. Unnecessarily Enabled Database Features

Every database installation comes with add-on packages of all shapes and sizes that are mostly going to go unused by any one organization. Since the name of the game in database security is to reduce attack surfaces, enterprises need to look for packages that don't use and disable or uninstall them. This not only reduces risks of attacks through these vectors, but it also simplifies patch management.

5. Broken Configuration Management

Similarly, databases have many different configuration choices and considerations available to DBAs to fine tune performance and enhanced functionalities. Organizations need to be on the lookout for unsafe configurations that could be enabled by default or turned on for convenience of DBAs or application developers.

6. Buffer overflows

Another hacker favorite, buffer overflow vulnerabilities, are exploited by flooding input sources with far more characters than an application was expecting say, by adding 100 characters into an input box asking for a SSN. Database vendors have worked hard to fix the glitches that allow these attacks to occur. This is yet another reason why patching is so critical.

7. Privilege Escalation

Similarly, databases frequently sport common vulnerabilities that allow attackers to escalate privileges within a little known and low privilege account and gain access to administrator rights. As these vulnerabilities are uncovered, administrators need to reign them in with timely updates and patching.

8. Denial of Service (DoS) Attack

SQL Slammer provided a very illuminating illustration of how attackers can use DBMS vulnerabilities to take down database servers through a flood of traffic.

9. Unpatched Databases

This could be repetitive, but it bears repeating. So many database administrators don't patch in a timely fashion because they're afraid a patch will break their databases. But the risk of getting hacked today is way higher than the risk of applying a patch that will go haywire. That might not have been true five years ago, but vendors have become much more rigorous with their testing.

10. Unencrypted Sensitive Data at rest and in motion

Perhaps it is a no brainer, but organizations should never store sensitive data in clear text within a database table. And all connections to the database should always use encryption.

Safe E-mail Usage Sending

Sending mail is a little more care free. There are some things you can do to make sure your conversation is secure though. The first is to ensure your connection is secure. There are also methods to allow you to digitally sign your messages, which guarantees that the message is from you and has not been tampered with en route. And for maximum security, you can encrypt your messages to make sure no one reads them. Digital signatures prove who e-mail comes from, and that it has not been altered in transit. If you establish the habit of using digital signatures for important e-mail, you will have a lot of credibility if you ever need to disown forged mail that appears to be from you. They also allow you to encrypt e-mail so that no one can read it except the recipient. PGP in particular offers high levels of encryption which to break would require extreme computing power.

Digital Certificates
A digital certificate is unique to an individual, kind of passport, and is composed of two parts. These two parts are called as public and private key. The certificate is unique to one person, and typically certificates are issued by a trusted Certificate Authority, or CA. The list of Certificate Authorities you trust is distributed automatically (if you are a Microsoft Windows User) by Windows Update and the list is accessible in your browser under tools>internet options>content>certificates. You can go here to view certificates installed on your machine (yours and others), and other certificate authorities you trust. You can disable the automatic update of CAs, and choose to remove all CAs from the list, although this is not recommended. Instructions on how to do this are on Microsoft’s web site.


Digital Signatures
A digital signature is generated by your e-mail software and your private key to assure the authenticity of your e-mail. The purpose of the signature is twofold. The first is to certify it came from you. This is called non-repudiation. The second is to ensure the contents have not been altered. This is called data integrity. The way an e-mail program accomplishes this is by running the contents of your message through a one way hash function. This produces a fixed size output of your e-mail called a message digest. This is a unique value, and if the mathematical algorithm that produces it is strong, the message digest has the following attributes.

• The original message can’t be reproduced from the digest.
• Each digest is unique.

After the digest is created, it is encrypted with your private key. The encrypted digest is attached to the original message along with your public key. The recipient then opens the message, and the digest is decrypted with your public key. The digest is compared to an identical digest generated by the recipients’ mail program. If they match, then you’re done. If not, your mail client will let you know the message has been altered. There are two types of signing / encryption functions, S/MIME and PGP. S/MIME is considered to be the corporate and government choice, possibly because it uses the less labor intensive certificate authority model for authentication, and because it is more easily implemented through Microsoft's Outlook Express e-mail program. PGP is more often the choice of the computer user community, because it is based on a non-centralized web of trust for authentication, where a user's trustworthiness is validated through the 'friend of a friend' system, where you agree that, if you trust me, then you can also trust those people who I trust.

Safe E-mail Usage Receiving

Everyone uses e-mail, and to the surprise of many people, your e-mail can be used against you. E-mail should be treated as a post card, in that anyone who looks can read the contents. You should never put anything in an ordinary e-mail that you don’t want to be read. That being said there are strategies for securing your e-mail.

Spam, Phishing and Fraud
Everybody likes to get e-mail. A long time ago, in a galaxy far away it used to be you only got mail from people you knew, and it was about things you cared about. Now you get email from people you never heard of asking you to buy software, drugs, and real estate, not to mention help them get 24 million dollars out of Nigeria. This type of unsolicited advertising is called spam. It comes as a surprise to many people that e-mail they receive can provide a lot of information to a sender, such as when the mail was opened and how many times it was read, if it was forwarded, etc. This type of technology called web bugs is used by both spammers and legitimate senders. Also, replying to an e-mail or clicking on the unsubscribe link may tell the sender that they have reached a live address. Another invasion of privacy

concern is the increasingly common “phishing” attack. Have you ever gotten an e-mail asking you to login and verify your bank or E-bay account information? Beware, because it is a trick to steal your account information. To secure yourself against these types of attacks, there are some simple strategies to protect yourself outlined below.

HTML based e-Mail
One of the security concerns with HTML based e-mail is the use of web bugs. Web bugs are hidden images in your e-mail that link to the senders’ web server, and can provide them with notification that you have received or opened the mail. Another flaw with HTML e-mail is that the sender can embed links in the e-mail that identify the person who clicks on them. This can give the sender information about the status of the message. As a rule, you should use a mail client that allows you to disable the automatic downloading of attached or embedded images. Another problem is related to scripts in the e-mail that may launch an application, if your browser has not been patched for security flaws. For web based e-mail clients, you may have the option of disabling the automatic download of images, or viewing the message as text. Either is a good security practice. The best way to protect yourself against HTML e-mail based security and privacy attacks is to use text based email. If you must use HTML e-mail, beware!

Attachment Security
Another real concern related to received e-mail security is attachments. Attackers can send you malware, viruses, Trojan horses and all sorts of nasty programs. The best defense against e-mail borne malware is to not open anything from anyone you don’t know. Never open a file with the extension .exe or .scr, as these are extensions that will launch an executable file that may infect your computer with a virus. For good measure, any files you receive should be saved to your hard drive and scanned with an latest antivirus software. Beware of files that look like a well known file type, such as a zip file. Sometimes attackers can disguise a file by changing the icon or hiding the file extension so you don’t know it is an executable.

How Your e-mail Works?

When you send an e-mail from your computer, the data is sent from your computer to an SMTP server. The SMTP server then searches for the correct POP3 server and sends your e-mail to that server, where it waits until your intended recipient retrieves it.

E-mail Accounts
E-mail accounts are available through many different sources. When you get an e-mail account, you will be given a two part e-mail address, in this form: username@domain.name. The first part, username identifies you on your network, differentiating you from all the other users on the network. The second part, domain.name is used to identify your specific network. The username must be unique within your network, just as the domain name must be unique among all the other networks on the Internet. However, user names are not unique outside of their networks; it is possible for two users on two different networks to share user names. One of the first things that you will do when you are setting up your e-mail is to enter your email address into your e-mail client program. Your e-mail client is the program that you will use to send and receive e-mails.

POP and SMTP
After your e-mail client knows your e-mail address, it's going to need to know where to look for incoming e-mail and where to send outgoing e-mail. Your incoming e-mails are going to be on a computer called a POP server. The POP server usually named something like pop.smallnetwork.net or ail.smallnetwork.net has a file on it that is associated with your e-mail address and which contains e-mails that have been sent to you from someone else. POP stands for post office protocol. Your outgoing e-mails will be sent to a computer called a SMTP server. This server named smtp.smallnetwork.net will look at the domain name contained in the e-mail address of any e-mails that you send, then will perform a DNS lookup to determine which POP3 server it should send the e-mail to. SMTP stands for simple mail transfer protocol. When you start up your e-mail client, a number of things happen:

• The client opens up a network connection to the POP server
• The client sends your secret password to the POP server
• The POP server sends your incoming e-mail to your local computer
• The client sends your outgoing e-mail to the SMTP server.

The first thing to note is that you do not send a password to the SMTP server. SMTP is an old protocol, designed in the early days of e-mail, at a time when almost everyone on the Internet knew each other personally. The protocol was written with the assumption that everyone who would be using it would be trustworthy, so SMTP doesn't check to ensure that you are you. Most SMTP servers use other methods to authenticate users, but in theory anyone can use any SMTP server to send e-mail. The second thing to note is that, when you send your secret password to the POP server, you send it in a plain-text format. It may be hidden by little asterisks on your computer screen, but it is transmitted through the network in an easily readable format. Anyone who is monitoring traffic on the network using a packet sniffer, for instance will be able to clearly see your password. You may feel certain that your network is safe, but you have little control over what might be happening on any other network through which your data may pass. The third, and possibly most important thing that you need to know about your e-mails, is that they are just like your password transmitted and stored in a plain-text format. It is possible that they may be monitored any time they are transferred from the server to your computer. This all adds up to one truth that e-mail is not a secure method of transferring information.


Web Mail
A second option for e-mail is to use a web based e-mail account. This will allow you to use a web browser to check your e-mail. Since the e-mail for these accounts is normally stored on the web e-mail server not on your local computer it is very convenient to use these services from multiple computers. It is possible that your ISP (Internet Service Provider) will allow you to access your e-mail through both POP and the web. However, you must remember that web pages are cached or stored on local computers, sometimes for significant lengths of time. If you check your e-mail through a web based system on someone else's computer, there is a good chance that your e-mails will be accessible to someone else who uses that computer. Web based e-mail accounts are often free and easy to get. This means that they offer an opportunity for you to have several identities online. You can, for instance, have one e-mail address that you use only for friends and another that is only for relatives. This is usually considered acceptable, as long as you are not intentionally intending to defraud anyone.

Security Check List of Your Computer

Security Checklist for Your Computer

Use this checklist to make sure you are taking advantage of all the ways that Windows can help keep your computer as secure and safe as possible.

Action Center

Use Action Center to make sure your firewall is on, your antivirus software is up to date, and your computer is set up to install updates automatically.

Windows Defender

Use Windows Defender to prevent malicious software, like spyware or viruses, from infecting your computer.

User Account Control

User Account Control prompts you for your permission before installing software or opening certain kinds of programs that could potentially harm your computer or make it vulnerable to security threats.

Backup and Restore

It's important to back up your files and settings regularly so that if you get a virus or have any kind of hardware failure, you can recover your files.

Windows Update

Set Windows Update to download and install the latest updates for your computer automatically.


Windows Firewall

Use Windows Firewall to help prevent hackers and unwanted software from gaining access to your computer through the Internet.

How to know a wireless network secure or not?

There is no way to guarantee complete security on a wireless network. However, there are precautions you can take to help minimize security risks when you use a wireless network.

Whenever possible, only connect to wireless networks that require a network security key or have some other form of security, such as a certificate. The information sent over these networks is encrypted, which can help protect your computer from unauthorized access. When you view available wireless networks in Connect to a Network, wireless networks that do not have security enabled will be identified with a yellow shield icon.

Before you connect to a network provided by a wireless Internet service provider (ISP), such as a public network in a coffee shop or airport, read the privacy statement carefully and make sure that you understand which files, if any, are saved to your computer and what type of information the network provider collects from your computer.

If you connect to a network that's not secure, be aware that someone with the right tools can see everything that you do, including the websites you visit, the documents you work on, and the user names and passwords you use. Make sure that you don't work on any company sensitive information or visit password protected areas of your business network while you're connected to that network.

What is Network Access Protection?

Network Access Protection (NAP) is a platform that network administrators can use to help protect the security of a network. When you connect to a corporate network that uses NAP, your computer is checked to make sure that it has the required software and settings, and that the software and settings are up to date. If anything is missing or outdated, your computer can be automatically updated. Your network access might be limited during that time, but usually this process happens quickly, after which full network access is restored.

Why should I secure my wireless network?

Wireless networks are more flexible than wired ones, but they can also be more vulnerable to hackers or malicious software (such as worms). Because wireless networks use radio waves that can pass through walls, your network's signal could go beyond the boundaries of your home.

If you don't try to secure your network, people with computers nearby might be able to access the information stored on your network computers and use your Internet connection to get onto the web. By setting up a security key on your wireless network, you can help protect it from unauthorized access.