How to secure information on a computer. Protecting data on your computer. Protection of information and accounts

Today we will talk about protecting information on a computer, what protection methods are used, what is two-factor user authentication.

In the age of speed and scientific and technological progress

In the age of speeds and scientific and technological progress, when it is necessary to fix a lot of important information in memory, a person is simply not physically ready to keep it in his head.

To this end, in the modern world, various gadgets are actively used that can significantly make our life easier.

It is in computers, laptops, memory cards or flashcards that we store a lot of different information, among which there is necessarily one that has one or another degree of confidentiality.

Unfortunately, it also happens that a computer or laptop is either hacked, or it becomes unusable for one reason or another, but in the worst case, the equipment can simply be stolen.

It is not difficult to guess that with the latter outcome, unambiguously, all the secret information contained in them will become public knowledge and, possibly, can be used against you.

It's one thing when all this data is insignificant and unimportant. But what if things are quite different?

It is then that in the head of any sane person a question arises regarding the most convenient and safe way to protect important classified information.

Setting passwords correctly

To begin with, let's dwell on those points that should be avoided in this case.

Strong passwords must be set. For Windows XP, this password cannot be more than 14 characters. If you have already set your sights on creating your password, then you constantly need to modify it and not come up with the simplest and well-remembered symbols, like 1234, etc.

And only with careful thought over the password, all hacking attempts will fail.

On Windows 10, when creating a password, a window like this will appear.

But the whole question is that there are now many programs on the World Wide Web that teach such procedures with direct access to a laptop or computer.

Even the ability to access a DVD drive is often enough.

And if there is an irresistible desire and some kind of awareness, then in general you can not resort to cracking passwords.

In this case, you just need to start the Linux system from the disk, which can easily read all the information from the hard disk. The access rights you set will not be an obstacle for her. And even NTFS will not help out here.

Data encryption, will it save you?

As for the encryption of data on the hard drive as another method of protecting information, we note that this most important function will be available to you only when using the NTFS file system.

And if you are not worried about the possibility of certain losses related to the performance of your computer or laptop, then such a method of protection will definitely deprive you of any ability to read data.

Also, keep in mind that the encryption process can be completely useless if hackers reset your password and log into the system using your account.

A proven method

And now we will talk about the most effective and time-tested method of protection - "two-factor authentication".

Its essence lies in the fact that the presentation of a password here will be clearly insufficient, since you will also need your fingerprint, and a smart card, voice data or anything else that allows you to clearly identify your identity.

This method will be beneficial if one of the keys listed above is always at your disposal and not left unattended.

If these two main conditions are strictly observed, then hackers will not have a single opportunity to use all kinds of hacking methods.

If desired, you can enable encryption of the most important files and folders.

It is important to remember that absolutely everything is not worth encrypting, as this will noticeably slow down the performance of the computer.

You can forget about the thoughts about maintaining the secrecy of information in case the computer is taken away for a while or stolen.

The main rule is the use of two-factor authentication along with encryption of data on the hard drive.

Summing up

Summing up, it is worth emphasizing that modern computer models are far from ideal and not perfect, for this reason, quite often they require periodic repair due to a system failure.

When choosing one of the above methods of protection, do not forget that certain conditions may arise when all password-protected systems may be inaccessible to you.

To prevent such a nuisance from happening, it is imperative to create archived copies of the data.

It is best to keep them away from your computer. If this information is related to financial risk, then it is better to keep all copies in a bank cell or in a safe.

Your task is to clearly understand that when it comes to security, half measures are unacceptable here.

Therefore, the issue of ensuring confidentiality should be taken very seriously from the outset.

Answer: Personal computers (PCs) have all the properties of computers of other classes, therefore, generally speaking, all problems of information protection in systems built on their basis and approaches to protection are similar to other classes. However, personal computers have a number of such properties that, on the one hand, favor protection, and on the other hand, complicate and complicate it.

The main of these properties are:

small dimensions and weight, which makes them not just transportable, but easily portable;

the presence of a built-in internal memory of a large volume that retains the recorded data after the power is turned off;

the presence of a removable memory device of large volume and small dimensions;

availability of interface devices with communication channels;

equipment with software with wide functionality;

mass production and distribution;

relatively low cost.

The listed and some other features have created objective prerequisites for the mass distribution of PCs in almost all areas of modern society, a sharp increase in the intensity of information circulation, decentralization of the processes of its storage and processing, a significant change in the structure and content of information technologies.

The following factors have a decisive influence on the formation of a variety of possible approaches to protecting information in a PC and the choice of the most appropriate of them in specific situations:

goals of protection;

potential protection methods;

available remedies.

The main goals of information protection:

ensuring physical integrity;

ensuring logical integrity;

prevention of unauthorized receipt;

prevention of unauthorized modification;

prevention of unauthorized copying.

Ensuring the logical integrity of information for a PC is of little relevance, while other goals in relation to a PC can be specified as follows.

Ensuring physical integrity.

The physical integrity of information in a PC depends on the integrity of the PC itself, the integrity of disks and diskettes, the integrity of information on disks, diskettes and RAM fields. In a wide range of threats to the integrity of information in the PC, special attention should be paid to the threats associated with the insufficiently high qualifications of a large number of PC owners. In this regard, the possibility of destruction or corruption of data on a hard disk (hard drive), on which very large amounts of data can accumulate, by the user, seems to be especially dangerous.

Prevention of unauthorized modification.

A very dangerous type of unauthorized modification of information on a PC is the action of malicious programs (computer viruses) that can destroy or destroy programs or data arrays. This danger is gaining relevance due to the fact that the practice of exchanging floppy disks is becoming common among PC owners. The floppy disk you receive may contain a very nasty surprise.

Prevention of unauthorized receipt of information in the PC.

This purpose of protection becomes especially relevant in cases where the stored or processed information contains a secret of one nature or another (state, commercial, etc.). The possibilities of unauthorized obtaining of information in modern PCs are very wide and varied, therefore this type of protection requires serious attention.

Prevention of unauthorized copying of information.

The relevance of this type of protection is determined by the following three circumstances:

accumulated arrays of information are increasingly becoming a commodity;

trade in computer programs is becoming more and more widespread;

floppy disk drives and rewritable optical drives create very favorable conditions for large-scale copying of PC information.

Ensuring the integrity of information in the PC.

The relevance of this type of information protection in a PC is of a general nature, regardless of what information is processed, therefore, knowledge and skills to ensure integrity are necessary for all PC users.

First of all, you should know and remember that threats to the integrity of information in a PC, as in any other automated system, can be accidental and deliberate. The main types of random threats are failures, failures, errors, natural disasters and side effects, and the specific sources of their manifestation are hardware, programs and users. Taking into account the current state of PC hardware and software, as well as the methods and means of their use, user errors should be attributed to the most real threats to the integrity of information of a random nature. The main of these errors are incorrect handling of serial software components.

A much greater threat to the integrity of information in a PC is posed by deliberate threats created by people for malicious purposes. Such a threat can be immediate, if an attacker gains access to the PC, and indirect, when the threat is created using intermediate media, most often using a floppy disk. Of the deliberate threats, the most widespread are the so-called destructive software tools (RPS): electronic viruses, worms, Trojan horses, etc. They also pose the greatest threat to the integrity of information in a PC.

Protecting your PC from unauthorized access.

As practice shows, unauthorized access (unauthorized access) is one of the most serious threats to malicious seizure of protected information in modern ASOD. Strange as it may seem, but for a PC, the danger of this threat increases in comparison with large computers, which is facilitated by the following objectively existing circumstances:

the overwhelming part of the PC is located directly in the work rooms of specialists, which creates favorable conditions for access to them by unauthorized persons;

many PCs serve as a collective means of information processing, which depersonalizes responsibility, including for the protection of information;

modern PCs are equipped with non-removable hard disk drives of very large capacity, and information on them is stored even in a de-energized state;

drives on the KMD are produced in such a mass quantity that they are already used for the dissemination of information in the same way as paper media;

originally, PCs were created precisely as a personal means of automating information processing, and therefore were not equipped with special means of protection against tampering.

In view of the foregoing, those users who wish to maintain the confidentiality of their information should take particular care of equipping the PC used with highly effective means of protection against unauthorized attacks.

The main mechanisms for protecting a PC from tampering can be represented by the following list:

physical protection of PCs and storage media;

identification (authentication) of users and used information processing components;

differentiation of access to elements of protected information;

cryptographic closing of protected information stored on media (data archiving);

cryptographic closure of the protected information in the process of its direct processing;

registration of all calls to the protected information. The general content and ways of using the listed mechanisms are outlined below.

When processing classified information, only persons admitted to the processed information may be in the room. In order to increase the reliability of physical protection during non-working hours, the PC should be stored in a sealed safe.

Identification (authentication) of users and used information processing components.

Conceptually, the solution to this problem does not fundamentally differ from a similar problem solved in any ASOD:

the protection system must reliably determine the legality of each access to resources, and the legitimate user must be able to make sure that he is provided with exactly those components (hardware, programs, data arrays) that he needs.

To date, the following methods have been developed and applied for user identification:

using a simple password;

in an interactive mode using several passwords and / or personal information of users;

by individual characteristics and physiological characteristics of a person (fingerprints, hand geometry, voice, personal painting, structure of the retina, photography and some others);

using radio code devices;

using electronic cards.

Protection of information from copying.

Copy protection consists in preventing the possibility of unauthorized copying of information located in the computer RAM or on the MD (flexible or hard) for the purpose of its malicious use. It is easy to see that this protection can be represented as an integral part of the protection against unauthorized obtaining of information.

Its allocation as an independent type of protection is mainly due to the desire to protect the copyright and commercial interests of developers and owners of software for PCs. As you know, computer programs are legally recognized as intellectual property, and a market for their distribution on a commercial basis has already been fully formed. In the conditions of market relations, this inevitably led to the so-called software piracy, that is, to the malicious misappropriation of other people's programs, both for the purpose of attribution of authorship and for profit.

Protected programs for a PC can be located in RAM, on the HMD and on the hard disk drive (paper media are not considered here, since their protection should be carried out using traditional methods and methods). Protection of programs located in RAM and on hard disk drives is no different from the above protection against tampering. Therefore, here the main attention is focused on copy protection of KMD (floppy disks), since this type of piracy has become widespread enough, and protection against it is of a purely specific nature.

A system for protecting a program from copying is understood as a system that ensures that it performs its functions only when it recognizes some unique non-copyable element called a key element. The key element can be a floppy disk, a certain piece of PC hardware, or a special device connected to a PC.

The main functions performed by the program's copy protection systems are as follows:

identification (i.e. assignment of an individual hard-to-forge distinctive feature) of the environment (floppy disk or PC) from which the protected program will be launched;

authentication (identification) of the medium from which the request for copying the protected program comes;

registration of authorized copying;

response to attempts of unauthorized copying;

opposition to the study of algorithms for the protection system.

To identify floppies, two methods are most widespread: damage to a part of the surface and non-standard formatting of a floppy disk.

One of the fairly reliable identification methods according to the first method is the creation of a so-called laser hole, which consists in burning a floppy disk in a certain place with a laser beam. It has been proven that it is very difficult to create the same label in the same place as on the original diskette on a copy diskette.

The second way to identify a protected floppy disk is to perform non-copyable formatting. The method is quite reliable, but the problem of finding a non-copyable format is empirical, and its solution is possible only with a detailed knowledge of all the intricacies of the controller's functioning processes.

To date, a number of methods for implementing this identification method have been developed: violation of the sequence of sectors on a floppy disk track, changing the inter-sector distance, formatting with a length code of 0 or 1, monitoring the track length, interrupting the operation and turning off the motor, etc.

Responses to attempts to unauthorized copying of a floppy disk can be different: refusal to execute a request, warning an attacker about more serious sanctions, destruction of a protected program (after the first attempt or after several attempts, etc.).

The last of the above functions of the copy protection system - counteracting the study of the algorithms of the protection system - is provided in order to prevent an attacker from studying the structure and content of the protection system implemented on the diskette in order to overcome (neutralize) it. The importance of this function is determined by the fact that a qualified system programmer, in general, can determine (restore) the logic of the operation of any module of the entire protection system and find ways to overcome it.

The study of the logic of the program can be carried out in two ways: disassembling (converting the executable program module into a listing of the source text) and tracing the program (executing it in an environment that allows access to registers and memory areas, stopping the execution of the program at some addresses, etc. .), It follows that the main content of the function under consideration should be to create reliable obstacles to disassembling and tracing software modules of the protection system.

To date, a significant number of software systems for protecting floppy disks from copying have been developed.

To protect against unauthorized entry into a personal computer system, both system-wide and specialized software protection tools can be used.

System-wide tools include the Setup utility, which is part of the BIOS and is designed to configure the computer's hardware parameters. To implement the considered type of protection, you must use this utility to set the following computer boot parameters:

the order of the operating system (OS) boot, which specifies the initial boot from the hard disk (device C :); asking for a password before loading the operating system.

Installing the initial boot from the hard disk is necessary to prevent the possibility of booting the OS from a floppy disk or CD, since some older BIOS versions allow you to boot from a floppy disk without prompting for a password. If the BIOS version used, with the boot password set, provides a password request when booting from a floppy disk, which is usually implemented in all modern versions of the basic I / O system, then there is no need to change the boot order to protect against unauthorized entry into the computer system.

For effective protection, it is necessary to use specialized software systems, for example, the Cobra system, which allows each user to implement one of the following levels of authentication:

entering a password from the keyboard;

entering a password from a floppy disk;

Protection against unauthorized access to the computer without logging off.

In some cases, while the user is working at the computer, it may be necessary to leave the computer unattended for a short time without ending the session (without turning off the computer). In the absence of the user, nothing prevents unauthorized access to the computer system, since the authentication process has already been performed by the authorized user who left the computer.

To prevent this situation, before leaving the computer, you must either end your session or lock the keyboard, mouse, and screen until the authentication process is initiated.

In addition, it should be possible to automatically lock the keyboard, mouse and screen after a specified time of user inactivity. This provides protection if, when leaving the computer, the user forgets to log off or forcibly lock the keyboard, mouse, and screen.

The features of the implementation of the level of protection against unauthorized access to the computer when it is left without logging out for MS-DOS, Windows 3, xx and Windows 95/98 / NT environments differ from each other.

When using system-wide security tools in the MS-DOS environment, locking of the keyboard, screen and mouse by timeout in the absence of signs of user activity is not provided.

The disadvantage of tamper-proof screen savers in Windows environments is that they cannot force lock the keyboard, screen, and mouse without logging out.

In specialized security systems, for example, in the Cobra system, both the ability to block the keyboard, mouse and computer screen by timeout is provided, as well as the ability to forcibly block the computer while it is left unattended.

Protection in the MS-DOS environment.

Protection against unauthorized access to the computer when it is left without logging out in the MS-DOS environment can be implemented using the Diskreet utility, which is part of the 7th or 8th version of Norton Utility. To do this, follow these steps:

connect driver Diskreet.sys: include in Config file. sys the line DEVICE = d: pathDISKREET.SYS, where d and path are the logical drive and the path of the Diskreet.sys file, respectively;

reboot the OS;

run the Diskreet.exe utility;

by pressing the F10 key, enter the menu, select the Options item and enter the Driver command. Expand the Hot key list using a key combination and select a key combination to lock the keyboard, mouse and screen; set the Keyboard / Screen Lock checkbox by pressing the spacebar and press Ok;

using the Master Password command from the Options menu item, enter the master password and exit the utility.

After completing the listed actions, you can lock the screen, keyboard and mouse by pressing the set key combination. To unlock, enter the master password and press the key. This password will also need to be entered after issuing the Driver command in the Options menu from the Diskreet utility environment.

To change the master password, run the Diskreet utility, enter the Master Password command from the Options menu item, and then define a new password by entering the old one. If you forget the master password, the only way out of this situation is to delete the Diskreet.ini file. When this file is missing, it is assumed that the master password has not been set.

Protection in Windows environments.

To set the level of protection against unauthorized access to the computer when it is left without logging out in Windows 3.XX, follow these steps:

double-click to launch the Control Panel program in Windows and then "Design";

select any password protected Screensaver in the Screensaver group, such as Marquee, Flying Windows, or Starfiefd Simulation;

in the Delay field, set the required time of user inactivity, after which the screen saver will be activated;

click the Options button, check the Password protection box and define a password;

confirm the changes made by pressing the Ok buttons and close the Control Panel.

Setting the parameters of protection against unauthorized access to the computer when it is left without logging out for the operating environment Windows 95/98 / NT / XP / 2000 is performed as follows:

activating the Windows 95/98 / NT Control Panel and launching the Display component used to configure the display settings;

activation of the "Screensaver" property sheet and selection of the screen saver you like;

setting in the Interval field the required time of user inactivity, after which the screen saver will be activated;

checking the Password box;

defining a password using the Change button;

confirmation by pressing the Ok button of the changes made and closing the Control Panel.

After making the specified settings, after the set time of user inactivity, the screen saver will be activated, which will not allow you to return to the system without entering the password set in the Control Panel. Changing the return password to the system is carried out by analogy with the process of setting it.

Protecting your PC from malicious bookmarks.

The main types of harmful effects include impact on information (destruction, distortion, modification) and impact on the system (disablement, false initiation of an action, modification of the content of functions performed, interfering with work). The possible nature of the impact of bookmarks will be presented in more detail below when considering the issue of their classification.

This type of protection for a PC is of particular importance for a number of reasons, namely:

it is relevant for all PC users without exception, regardless of whether they process confidential or open information;

infection with destructive software (RPS) poses a threat of increased danger to the PC, which is especially facilitated by the high dynamism of information exchange both through communication channels (in computer networks) and through floppy disks;

protecting a PC from RPS requires special professionalism, since many of them are of a specific individual nature, and their neutralization and elimination are associated with software manipulations that are often of a very complex and even skillful nature. The currently known bookmarks are carried out by hardware or software.

Hardware bookmarks can be carried out in the process of manufacturing a PC, repairing it or carrying out preventive maintenance. The real threat of such bookmarks is created by the massive and practically uncontrolled proliferation of PCs. A special danger of hardware bookmarks is that they may not show their harmful effects for a long time, and then begin to implement them either after a certain time, or when a certain state of the PC occurs (for example, when the hard magnetic disk is filled with data to a predetermined level), or by a special remote command. Early detection of hardware bugs is possible only in conditions of checks using special methods and tools.

From the point of view of a mass user, software bookmarks (FBS) seem to be especially dangerous due to their comparative (relative to hardware) simplicity of their implementation, high dynamics of their distribution and increased difficulty of protection against them. So, if, as a result of special checks, hardware tabs were not found or they were eliminated (the possibility of their action was neutralized), then with a high degree one can be sure that they are absent in the corresponding PC. Software bookmarks can appear at any time, which is especially facilitated by the following circumstances;

mass exchange of information on flexible MDs, which has now assumed the character of Brownian motion;

wide distribution of copies of illegally acquired software;

the possibility of remote exposure to PCs connected to the network;

a wide and constantly growing range of types of bookmarks, which complicates the processes of their detection and neutralization.

By now, a significant number of bookmarks are known that have received the following code names: Trojan horse, bomb, trap, hatch, virus, worm.

Distinctive features of these varieties can be characterized as follows.

Trojan horse is a non-self-replicating RPS capable of unauthorized reading of data, their destruction and other destructive functions.

A bomb is a non-self-replicating one-time-use RPS, which is activated under certain conditions (at a given time, in a given state of the computer, on a command from the outside) and carrying out large-scale destruction of information.

A trap is a non-self-replicating program that performs unauthorized interception of information and writes it into the appropriate field of the memory or issuing it to a communication channel.

Luke is a non-self-replicating program that provides an attacker with unauthorized access to protected information.

A virus is a self-propagating RPS capable of destroying or modifying data and / or programs in a computer.

A worm is a self-replicating RPS capable of destroying data or program elements.

Basic approaches and general scheme of protection against bookmarks. The protection is based on the following functions:

creation of such conditions under which destabilizing factors (DF) cannot appear;

prevention of the appearance of DF, even if there are conditions for this;

detection of the appearance of DF;

prevention of influence on the information of the appeared DF;

detecting the negative impact of DF on information;

localization of the negative impact of DF on information;

elimination of the consequences of exposure to DF.

Methods and means of protection. To protect against bookmarks, methods of analysis, synthesis and management, organizational and legal, hardware and software should be used. Below is an overview of the anti-bookmark-specific tools.

The means of combating viruses and other malicious bookmarks can be divided into legal, organizational and administrative, hardware and software.

Not only the websites of banks and government organizations are the targets of hacker attacks. Personal information of ordinary users can also be of interest to cybercriminals. They willingly use other people's accounts on VKontakte or Facebook for fraud, they can demand a ransom for private photos, and when they get to these payment systems, they can withdraw all the money on the account.

In order not to become a victim of hackers, it is necessary to pay great attention to the security of storage of personal data, notes an expert in the field of corporate and information security. Igor Chernov... According to him, attackers have a number of different ways to inject malware onto user devices.

“The success of hacks and attacks in 99% of cases is determined not by the fact that hackers are so smart, but by the fact that users behave stupidly. There are several ways to implement these programs on those objects that attackers want to control: this is postal delivery, SMS distribution, if it is a large company - the introduction of such a program by a recruited system administrator, "explained Igor Chernov.

It happens that the link received in the message visually looks reliable, but in fact, clicking on it, you will be taken to a dangerous site. Therefore, the expert advises to always pay attention to what is in the address bar of the browser. In addition, scammers very often imitate the interface of popular resources and easily obtain the logins and passwords of inattentive users.

“I am paranoid by profession, so I, for example, do not open mail even from people I know, if there is no confirmation that the letter was sent by a person, and the letter contains such and such. That is, if he told me about it in correspondence or personal conversation, then I will open it. Most of our people are not scared: some letter came with some kind of link, and they open it to look. But there will also not be written "Open this link and we will infect your computer with malware." There will be something interesting and tempting. As a rule, most of us follow this link. And then they cry after all the data on their computer has become encrypted, ”said Igor Chernov.

As the specialist emphasizes, users' gadgets are hacked for a reason - hacking for the sake of hacking, but for specific purposes. This can be malicious data corruption, unauthorized access, information theft, and so on. According to Igor Chernov, Kazakhstanis are exposed to these threats in the same way as users in other countries.

“I would not say that Kazakhstanis somehow stand out from the global trend. Everyone's problems are about the same. This is just information theft, spamming. Maybe after infection the information on the computer will be encrypted, this is fashionable now, maybe something else. It is the same for the whole world, we do not stand out here in anything absolutely, ”said Igor Chernov.

Those users who have a decrease in the speed and stability of the device need to be wary and be sure to run a full scan with an antivirus with the current database. In addition, there are a number of criteria by which you can determine that intruders have gotten to your computer, tablet or laptop.

“If your computer has encrypted all the information, then this is understandable. If everyone tells you that some kind of spam is coming from you, this is also a criterion for drawing conclusions that your computer is infected. If your information is used by other people who, by definition, cannot know this information. There are a lot of criteria here, it is impossible to determine one by one, ”said Igor Chernov.

Those users who are asked by hackers for money to decrypt information on their infected gadget are in a very difficult situation. As Igor Chernov notes, there are only two options: to pay or not to pay.

“Each has its own pros and cons. By paying, the user can get some kind of key, and the computer will start working as before. But you can pay and receive nothing or receive a new claim with the next payment. You can not pay and try to recover the information yourself. Laboratories that produce antivirus software help their clients with some viruses. It is impossible to say unequivocally what the user should do in this case - everyone makes a decision on their own, "Igor Chernov emphasized.

According to the expert, it is much easier and more profitable to prevent the problem than to solve it later. Therefore, the main task of users is to prevent infection of their devices.

“To do this, one should not open unfamiliar letters, let alone follow dubious links. Do not climb sites that you do not know. Do not give someone your gadgets for a while, do not let strangers into your computer, do not insert unfamiliar flash drives there. Seemingly simple ways, but nevertheless, many people neglect them. All the problems stem from this, ”said Igor Chernov.

In summary, below we offer seven ways to protect your data.

# 1: Strong Passwords

To protect information on your work computer, you first need to create a password for your account. To do this, click: "Start → Settings → Control Panel → User Accounts" and set your password. If necessary, you can easily block your computer: start - shutdown - block. When you turn on the device, you will also need to enter a password. The laptop can be configured to lock when the lid is closed. For added security, you can also set a password on the BIOS or hard drive.

In this case, the password must be reliable, otherwise the meaning of its installation is lost. Use a special generator and take the trouble to create different passwords for all your logins. This also applies to social media accounts and email accounts. You can also password-protect important documents. The main thing is not to store keys in TXT, DOC, RTF files. Better to use a special program for storing passwords. Then you will only have to remember one password, and the rest you will find in the list.

# 2: Up-to-date antivirus

Perhaps the main threat to personal information is viruses. Trojans, worms, keyloggers and other malware can remove, steal or modify it. To protect personal data, it is advisable to have an up-to-date version of antivirus software with firewall and firewall functions, as well as be careful on the network - do not download unverified files from file hosting services, do not click on suspicious links, and so on.

# 3: two-factor authentication

This system is not yet very common among users, but it is distinguished by its effectiveness. It assumes not only a strong password, but also certain information or fact that is known exclusively to the user. For example, it could be his voice, fingerprint, smart card, or something else. If only unauthorized persons did not have access to these factors.

# 4: using the HTTPS protocol

When paying for anything on the network, you need to make sure that the server supports the HTTPS secure data transfer protocol. In this case, when conducting financial transactions, the system assigns a unique certificate to the client, after which all data sent by him is encrypted with a 40, 56, 128 or 256-bit key. Decryption is performed only on end devices, so interception of such a signal will give nothing to the attacker.

Websites of online stores, banks, and payment systems (Yandex.Money, Webmoney) use the HTTPS protocol by default. Services Facebook, Google, Twitter, Vkontakte provide the ability to enable it in the account settings. Resources that do not use this protocol should be treated very carefully.

# 5: Securing Wireless Networks

Attackers can also gain access to the contents of a computer via an unsecured Wi-Fi network. To avoid this, it is recommended that you install WPA / WPA2 data encryption on your router and come up with a strong password. You can also protect yourself from hacking a Wi-Fi network by turning off the broadcast of the connection name (SSID). In this case, only those who know the exact name of the network will be able to connect to the router.

# 6: data encryption

You can protect valuable data on your computer using encryption. Programs such as Free Hide Folder, Folder Lock, TrueCrypt and others allow you to do this completely free of charge. In addition, important files can be packed into a ZIP or RAR archive with a strong password. An attacker will not be able to open such an archive, even if he gains full access to the PC.

# 7: parental control systems

The risk of catching viruses or becoming the object of a hacker attack increases significantly if children are sitting at the computer. In this case, you can protect yourself with the help of the parental control system: it allows you to regulate the time the child spends at the computer, prohibit access to certain programs and sites, and block the ability to install software. In addition, a separate account with limited rights can be created for the child.

Unfortunately, there is no universal way to protect data that is 100% effective. Experts advise combining these or those methods and periodically backing up the most important information in order to protect yourself as much as possible from hackers.

Igor Chernov - Director of LLP "Informsecurity", an expert in the field of corporate and information security.

No modern person can do without a computer. Almost all the time, people deal with computers, be it a stationary device, laptop or smartphone. The imprint of human activity remains on the hard disk. Music, personal photos, work documentation - it's all on your device. And it is highly undesirable for any of this to fall into the wrong hands. Therefore, protecting information on a computer is an important aspect for any user.

Protecting information from viruses

Probably any PC has encountered viruses. Most viruses are not designed to steal data; rather, they are just software errors. However, they are the ones that prevail in the computer world. And such viruses are by no means harmless. The disappearance of data or entire blocks of information is the smallest thing that can happen. If the appropriate measures are not taken, the virus can destroy the system with all the data. They can get into the computer either through files downloaded from the Internet or from external storage devices (disks, memory cards, etc.).

To avoid this, be sure to install an antivirus. The most popular antivirus programs are Kaspevsky, NOD32, Microsoft Securuti Esential. Be sure to run a full scan at least once a week. Particularly dangerous viruses can damage information, even if the antivirus detects them as soon as they enter the computer. Therefore, first check all the files that are going to be transferred to your computer.

Protecting information and account with a password

If you have information on your computer that you would like to hide from those who have access to your computer, set passwords for the most important files or folders. First of all, you need to create a password for your account. To do this, click:

Start;
Settings;
Control Panel;
User accounts.

Now set a password. If necessary, you can easily block your computer: start - shutdown - block. When you turn on the device, you will also need to enter a password. The laptop can be configured to lock when the lid is closed.

If you do not want to block your account, but only some files, set a password for the folder. The easiest way is to put a password on the archive. This will require the standard program "Archiver". First you need to create an archive from the folder, and then set a password. This is a very convenient way, since such an archive can be sent over the Internet. The recipient will also have to enter a password to access the information. By default, “.rar” will be added to the name of such folders. This can be easily removed by simple renaming. This will not affect the function of such a file in any way. We also recommend this video about modern problems in protecting personal information:

Protection of information and accounts

Each user has many accounts on the internet. Email, social networks, forums - all have their own password and username. You should take the protection of your online accounts very seriously. Many people use the same password for most accounts. In this case, if one profile is hacked, you may lose access to the rest. Therefore, it is better to have different passwords at least on important sites. If possible, be sure to set up verification via a phone number. If you lose access to your account or forget your password, you can easily recover it. Many resources have a function to check the entrance by sending an SMS with a code to your number.

With the development of technology, password cracking programs have appeared in the public domain on the Internet. Popular sites are protected from such programs. However, with the help of some applications, you can guess the password for your account.

This is done as follows:

The program selects all possible combinations for the number of characters;
Even if the password is 3 character-numbers, it can take a very long time to guess. But sometimes this method is still successful. Therefore, make the code as long as possible and combine numbers with letters.

The best way to do this is using special password generators (they are freely available on the Internet).

Protecting sensitive information: renaming folders and documents

Even if you have taken all the necessary protection measures, it is necessary to provide for a situation where an unwanted person still gains access to your information. Start by renaming important documents. Make a list of files that could potentially be of interest to attackers (for example, the folders "Banking operations of the company" or "Personal photos" will clearly attract attention). Then rename them. Use inconspicuous names in the form of numbers.

Next, place important documents further away. That is, don't leave them on your computer desktop, but create a folder in a folder on your hard drive. If you need to hide the file and still have quick access to it, make it invisible. To do this, right-click on the folder: properties - settings - change icon. Next, select a transparent picture from the list. This way the folder will be on the desktop, but it is difficult to visually notice it.

Encrypting information on a computer

A password folder can stop an amateur intruder. But the hacker is unlikely to even be detained. Since it is not that difficult to bypass the standard Windows protection. The best is to encrypt it. This is done using special programs (the most popular is TrueCrypt). They use a difficult arbitrary algorithm for encoding. Therefore, hacking is almost impossible. This is the most common protection for computer information.

The encoded data forms an encrypted container. In terms of properties, it resembles a regular folder. But it is impossible to enter it without a key (password). The container can be moved to a USB flash drive, another hard drive, sent over the Internet without losing its protective functions. An important aspect is the size of the container. It is selected upon creation. Since it will not be possible to change this parameter in the future, set the size depending on the purpose. Create an access code, or key, to encrypted information using a password generator (for reliability).

Backup

It should be remembered that information may not only be subject to unauthorized viewing or copying, but also deleted. And not only because of someone's malicious intent, but because of system errors or physical damage to the media. Therefore, always duplicate important information.

The easiest way is to dump it to a CD or USB flash drive;
You can also sync with a virtual hard drive on the Internet. This is very useful if you often work on other people's computers. When you access the Internet, you can always download the necessary files.

If the information is still deleted, it can still be restored. To do this, install a special program in advance (there are many free utilities on the network). They will help you recover erased files and disk images. The main thing in this business is not to waste time. New information will be immediately written in place of the deleted files. This can happen without your knowledge, especially if the computer has an Internet connection. Even if you act promptly, it is not a fact that it will be possible to restore the lost information. Therefore, be careful.

See also the video about Backup in Windows 7:

So, protecting computer information is not as difficult as it seems. But badly needed. It is not known exactly when your confidential data will be attacked or disappear. Therefore, it is better to take care of this in advance.

For the best security, you must combine all types of protection on your computer.

In the era of information technology, there is an acute question of how to protect data on a computer. Passwords and logins from social networks, banking account management systems, account data, private photos and other files can all be of interest to attackers.
The targets of hackers' attacks are not only government agencies, banks or popular websites. The personal information of ordinary users can also interest crackers. Stolen accounts on Odnoklassniki or Facebook are used by criminals for fraudulent purposes, stolen photographs become the subject of blackmail, and obtaining data from payment systems gives cybercriminals the opportunity to leave their owners penniless.
In order not to become a victim of hackers, it is necessary to pay attention to the security of personal data storage. This article will tell you how you can protect personal information on your computer.

Method 1: strong passwords

The easiest way to protect data on your computer is to use strong passwords. Most users know that security experts do not recommend using simple combinations of numbers and letters (qwerty, 12345, 00000) as a key. But the emergence of "smart" cracking programs has led to the fact that more complex passwords can be calculated by brute force. If the attacker knows the potential victim personally, an atypical, but simple key (date of birth, address, pet's name) is also easily selected.
To save accounts on social networks and other resources, as well as a user account on a PC, it is recommended to use complex combinations that consist of upper and lower Latin letters, numbers and service symbols. It is desirable that the password be easy to remember, but does not contain an explicit semantic load. For example, a key like 22DecmebeR1991 is recognized by sites as reliable, but contains the date of birth and therefore can be easily hacked.

Method 2: encrypt data

To protect personal information on a computer in the event a corporate attacker attempts to access it, it is recommended to use data encryption. Enterprise and professional versions of Windows are equipped with BitLocker. The system mechanism allows you to encrypt information on one or more hard disk partitions. Access to files becomes possible only when using a special key.
If you need to secure individual files and folders, the easiest way to protect personal data on your computer is to use encrypted archives. By moving documents, photos or other data to a password-protected archive, an attacker will not be able to open them even after gaining full access to the PC. To open ZIP or RAR content, you need to dial an access code. Most modern archivers are equipped with similar functionality.
There is also a large number of free software that allows you to encrypt data. Such programs include Free Hide Folder, Folder Lock, TrueCrypt and others.

Method 3: using an antivirus program

To gain access to someone else's PC, hackers use auxiliary software installed on the victim's computer. Trojan viruses intercept information entered from the keyboard, replace sites with copies created by fraudsters, and transfer personal data. To protect personal data, it is advisable to install the current version of the anti-virus software and keep track of its updates. It is also recommended to restrict access to drives by prohibiting reading information from them over the network.

Method 4: set a password on the BIOS and / or hard drive

Basic OS password protection does not allow you to quickly hack the system, but it is vulnerable if the computer falls into the hands of a criminal for a long time. By reinstalling Windows, you can access unencrypted files. Setting a BIOS password (UEFI) *, which must be entered when turning on the computer, makes it impossible to boot the PC from either the built-in or external media.
*BIOS (Basic Input / Output System) or UEFI (Unified Extensible Firmware Interface) is a part of the system software of a computer that is responsible for organizing the operation of the hardware components of the system and controlling its loading. The BIOS / UEFI setup menu is entered at an early stage of the PC boot (the first seconds after turning on) by pressing the Del, F1 or F2 button (see the instructions for the PC or laptop). For different computer models, the names of the settings sub-items may differ, but, as a rule, the necessary options are located in the section whose name contains the word Security.
An even greater degree of protection of personal information is provided by hard disk password protection. By setting the access code for the drive via BIOS / UEFI, the user makes it useless in the hands of an attacker. Even after removing the hard disk drive from the PC case and connecting to another device, you cannot access the data. An attempt to unlock the drive with the "master key" will destroy the data.

Method 5: using the HTTPS protocol

The use of the HTTPS secure data transfer protocol eliminates the risk of interception of information that is sent to the server in encrypted form. This standard is not a separate technology, but is an add-on over standard HTTP. When using it, data encryption is carried out using the SSL protocol.
Unfortunately, for this method of data protection to work, the server must be equipped with support for this technology. It cannot be used unilaterally.
If the server supports HTTPS, then when the client connects, the system assigns it a unique certificate and all transmitted data is encrypted with a 40, 56, 128 or 256-bit key. Thus, decryption is carried out only on end devices, and interception of someone else's signal will not give anything to the attacker.
If the service involves working with confidential information or conducting financial transactions, it is recommended to be wary of resources that do not support HTTPS.
Websites of online stores, banks, and payment systems (Yandex.Money, Webmoney) use the HTTPS protocol by default. Services Facebook, Google, Twitter, Vkontakte provide the ability to enable it in the account settings. Other sites also work with him.

Method 6: securing wireless networks

If the computer's security settings do not restrict access to it over the network, an unsecured Wi-Fi network allows an attacker to gain access to the contents of the drives. To avoid this, it is recommended to set WPA / WPA2 data encryption method on the router and set a strong password (see Method 1).
To eliminate the risk of hacking the Wi-Fi network, you can turn off the broadcast of the connection name (SSID). In this case, only users who know the network name will be able to connect to the router.

Method 7: parental control systems

If children use the computer, the risk of catching malware increases significantly. To protect your personal information on your PC, you can create a restricted account for your child. Windows (7 and newer) contains built-in parental controls. With their help, you can limit the time a child spends at the computer, prohibit access to certain programs, and block the ability to install third-party software.
There is also third-party software that has similar (or broader) functionality. You can find both paid and free parental controls on the Internet. In addition, some providers support this function. In this case, in your personal account on the operator's website, you can set restrictions on visiting certain resources.

How to protect information on your computer most reliably

Each of the above methods of protecting personal data on a computer is reliable in one situation, but it also has vulnerabilities. To achieve a high level of security, it is recommended to combine methods.
Unfortunately, there is no universal data protection method that is 100% effective. Even the servers of banks and law enforcement agencies are vulnerable to attacks by hackers, as evidenced by large-scale leaks of documents from the Pentagon, US governments and other countries published by Wikileaks.
Nevertheless, given that ordinary users rarely fall prey to hackers of this level, it is possible to secure personal data. For this it is recommended:
install an up-to-date version of the anti-virus program (preferably with firewall and firewall functions);
protect the user account with a strong password;
do not use the same access codes for all accounts;
protect Wi-Fi, disable file sharing on a PC over a local network, first of all, to the system partition (if this is not possible, restrict access by allowing it only to trusted network members who really need it);
do not store keys and passwords in TXT, DOC, RTF and other documents on the PC itself;
the most valuable files and folders should be placed in a password-protected archive or encrypted.

You can protect personal information on your computer in other ways. The main thing is to find a compromise between the level of security and the usability of the PC. Drastic measures (such as fully encrypting data, accessing the PC with a physical key, and restricting the list of allowed resources) can be overkill on a home PC and cause unnecessary inconvenience. Practice shows that the use of overly complex protective equipment leads to a gradual refusal of users from using them.