ST15-003: Before You Connect a New Computer to the Internet

["US-CERT" <US-CERT () ncas us-cert gov>]

U.S. Department of Homeland Security US-CERT

National Cyber Awareness System:



ST15-003: Before You Connect a New Computer to the Internet [ https://www.us-cert.gov/ncas/tips/ST15-003 ] 12/15/2015 
06:07 PM EST 
Original release date: December 15, 2015 | Last revised: October 29, 2018

*Why is computer security important? *

Because computers play such critical roles in our lives, and because we input and view so much personally identifiable 
information (PII) on them, its imperative to implement and maintain computer security. Strong computer security ensures 
safe processing and storage of our information.

*How can I improve my computers security? *

The following are important steps you should consider to make your computer more secure. While no individual step will 
eliminate all risk, when used together, these defense-in-depth practices will strengthen your computers security and 
help minimize threats.


  * *Secure your router. *When you connect a computer to the internet, its also connected to millions of other 
computersa connection that could allow attackers access to your computer. Although cable modems, digital subscriber 
lines (DSLs), and internet service providers (ISPs) have some level of security monitoring, its crucial to secure your 
routerthe first securable device that receives information from the internet. Be sure to secure it before you connect 
to the internet to strengthen your computers security. (See Securing Your Home Network [ 
https://www.us-cert.gov/ncas/tips/ST15-002 ] for more information.) 
  * *Enable and configure your firewall.* A firewall is a device that controls the flow of information between your 
computer and the internet. Most modern operating systems (OSs) include a software firewall. The majority of home 
routers also have a built-in firewall. Refer to your routers user guide for instructions on how to enable your firewall 
and configure the security settings. Set a strong password to protect your firewall against unwanted changes. (See 
Understanding Firewalls [ https://www.us-cert.gov/ncas/tips/ST04-004 ].) 
  * *Install and use antivirus software.* Installing an antivirus software program and keeping it up-to-date is a 
critical step in protecting your computer. Many types of antivirus software can detect the presence of malware by 
searching for patterns in your computers files or memory. Antivirus software uses signatures provided by software 
vendors to identify malware. Vendors frequently create new signatures to ensure their software is effective against 
newly discovered malware. Many antivirus programs offer automatic updating. If your program has automatic updates, 
enable them so your software always has the most current signatures. If automatic updates arent offered, be sure to 
install the software from a reputable source, such as the vendors website. (See Understanding Anti-Virus Software [ 
https://www.us-cert.gov/ncas/tips/ST04-005 ].) 
  * *Remove unnecessary software. *Intruders can attack your computer by exploiting software vulnerabilities, so the 
fewer software programs you have installed, the fewer avenues there are for potential attack. Review the software 
installed on your computer. If you dont know what a software program does, research the program to determine whether or 
not the program is necessary. Remove any software you feel isnt necessary after confirming its safe to remove. Back up 
important files and data before removing unnecessary software to prevent accidentally removing programs that turn out 
to be essential to your OS. If possible, locate the installation media (e.g., CD) for the software in case you need to 
reinstall it. 
  * *Modify unnecessary default features.* Like removing unnecessary software, modifying or deleting unnecessary 
default features reduces attackers opportunities. Review the features that are enabled by default on your computer, and 
disable or customize those you dont need or dont plan on using. As with removing unnecessary software, be sure to 
research features before modifying or disabling them. 
  * *Operate under the principle of least privilege. *In most instances of malware infection, the malware can operate 
only using the privileges of the logged-in user. To minimize the impact of a malware infection, consider using a 
standard or restricted user account (i.e., a non-administrator account) for day-to-day activities. Only log in with an 
administrator accountwhich has full operating privileges on the systemwhen you need to install or remove software or 
change your computers system settings. 
  * *Secure your web browser. *When you first install a web browser on a new computer, it will not usually have secure 
settings by default, you will need to adjust your browsers security settings manually. Securing your browser is another 
critical step in improving your computers security by reducing attacks that take advantage of unsecured web browsers. 
(See Securing Your Web Browser [ https://www.us-cert.gov/publications/securing-your-web-browser ].) 
  * *Apply software updates and enable automatic updates. *Most software vendors release updates to patch or fix 
vulnerabilities, flaws, and weaknesses (bugs) in their software. Intruders can exploit these vulnerabilities to attack 
your computer. Keeping your software updated helps prevent these types of infections. (See Understanding Patches and 
Software Updates [ https://www.us-cert.gov/ncas/tips/st04-006 ].) When setting up a new computer, go to your software 
vendors websites to check for and install all available updates. Many OSs and software programs have options for 
automatic updates. Enable automatic updates if they are offered; doing so will ensure your software is always updated, 
and you wont have to remember to do it yourself. Only download software updates directly from a vendors website, from a 
reputable source, or through automatic updates. 

What are some additional best practices I can follow?

There are other simple practices you can follow to improve your computers security.


  * *Use caution with email attachments and untrusted links.* Malware is commonly spread by users clicking on a 
malicious email attachment or a link. Dont open attachments or click on links unless youre certain theyre safe, even if 
they come from a person you know. Be especially wary of attachments with sensational names, emails that contain 
misspellings, or emails that try to entice you into clicking on a link or attachment (e.g., an email with a subject 
that reads, Hey, you wont believe this picture of you I saw on the internet!). (See Using Caution with Email 
Attachments [ https://www.us-cert.gov/ncas/tips/st04-010 ].) 
  * *Use caution when providing your information. *Emails that appear to come from a legitimate source and websites 
that appear to be legitimate may be malicious. An example is an email claiming to be sent from a system administrator 
requesting your password or other sensitive information or directing you to a website that requests your information. 
Online services (e.g., banking, ISPs, retailers) may request that you change your password, but they will never specify 
what you should change it to or ask you what it is. If you receive an email asking you to change your password, visit 
the site yourself instead of clicking on any link provided in the email. (See Avoiding Social Engineering and Phishing 
Attacks [ https://www.us-cert.gov/ncas/tips/st04-014 ].) 
  * *Create strong passwords. *Use the strongest, longest password or passphrase permitted. Dont use passwords that 
attackers can easily guess, like your birthday or your childs name. Attackers can use software to conduct dictionary 
attacks, which try common words that may be used as passwords. They also conduct brute force attacks, which are random 
password attempts that run until one is successful. When setting security verification questions, choose questions and 
answers for which an internet search would not easily yield the correct answer (e.g., your pets name). (See Choosing 
and Protecting Passwords [ https://www.us-cert.gov/ncas/tips/ST04-002 ].) 
________________________________________________________________________

Author: NCCIC________________________________________________________________________

This product is provided subject to this Notification [ http://www.us-cert.gov/privacy/notification ] and this Privacy 
& Use [ http://www.us-cert.gov/privacy/ ] policy.

body { font-size: 1em; font-family: Arial, Verdana, sans-serif; font-weight: normal; font-style: normal; color: 
#333333; } ________________________________________________________________________

A copy of this publication is available at www.us-cert.gov [ https://www.us-cert.gov ]. If you need help or have 
questions, please send an email to info () us-cert gov. Do not reply to this message since this email was sent from a 
notification-only address that is not monitored. To ensure you receive future US-CERT products, please add US-CERT () 
ncas us-cert gov to your address book. 

OTHER RESOURCES: Contact Us [ http://www.us-cert.gov/contact-us/ ] | Security Publications [ 
http://www.us-cert.gov/security-publications ] | Alerts and Tips [ http://www.us-cert.gov/ncas ] | Related Resources [ 
http://www.us-cert.gov/related-resources ]  

STAY CONNECTED: Sign up for email updates [ http://public.govdelivery.com/accounts/USDHSUSCERT/subscriber/new ]