In the last post, we reviewed 4 simple tactics that you can implement to keep your system safe from “drive-by” spying. Those were common sense changes that you can make, but they require a small change to your login habits. These changes will keep your system safe from Sam the competitive sales rep, Mike the competitive manager, or Ed the competitive entrepreneur. However, they won’t stop Harry the hacker, Carl the code cracker, or Tim the technician. These guys know how the Windows operating system works and they know where to look to find sensitive leftover data.
Here are 3 things that you can do to limit access to or remove leftover sensitive data:
Clear your Browser cache.
Now we are working our way up the food chain. The browser cache allows your browser to respond faster to commands and pull up sites faster. It also holds all of the past websites that you’ve visited. So if someone were to gain access to your machine, either by getting physical access to your system or through some type of software intrusion, they would be able to access your browser cache and see where you’ve been.
Want to ensure that it gets cleared when you shut down your browser? In IE7, click on “tools” in the browser’s menu bar, and scroll down to “Internet options”. Then click on the “advanced” tab and scroll down to the “security” section. Check the “Empty Temporary Internet Files folder when browser is closed” box. Also, while you are at it, turn on the phishing filter by clicking on the radio button for “Turn on Automatic website checking”.
When possible use NTFS instead of FAT for your file system.
The NTFS file system provides you with a lot more protection than the FAT system. It allows you to set access to certain files according to users and protects your files if you have more than one user accessing your system. It also provides a level of protection to your files in case someone does manage to get your hard drive and attaches it to another system. The good news is that most XP/Vista systems come using NTFS on the hard drive. The bad news is that those small, ubiquitous USB drives use the FAT file system, not the NTFS file system. This means that if you have sensitive files on your USB flash drive and you lose it, anyone with a computer will have complete and unfettered access to the data on your flash drive.
Best to use some of the USB file encryption packages out there. Sandisk typically bundles its encryption packages with their USB flash drives, but there are other software tools out there that will do the job. Check with your IT guru or stay tuned here. We’ll be looking at some of those packages in the near future.
Clean off your paging file on logging out.
This one is going to be a little more complicated. The paging file is the place on the disk where the system stores data from memory that it doesn’t need immediately, but will need in the near future. If you’ve ever run MS Word, Excel, PowerPoint, and a couple of instances of IE7, then you’ve probably seen your paging file in action as you switch between the programs. The challenge here is that the paging file won’t zero out when the machine shuts down. So that Excel spreadsheet with all of your client’s credit card numbers you were reviewing two days ago and you thought that you threw down on your server (or that secure flash drive) may still reside on your system in the paging file.
The good news is that not everybody knows what a paging file is used for and they need to know what they are doing in order to get information out of it. The bad news: most technicians that you will take your system to for service know what the paging file is used for, and it can be read with the same utilities that can find those previously mentioned deleted files. To make matters worse, the paging file is not encrypted. So if you’ve got your data encrypted in your files and you are using the NTFS file system to control information access, someone with a rudimentary understanding of the way Windows works can still gain easy access to your most sensitive data through the paging file.
The following steps will make the system clear the paging file on shutdown. Remember, though, that this will slightly increase the time it takes your system to start up and shut down as it zeros out and rebuilds the paging file.
To have the paging file erased when you shut the system down, do this:
- Go into the control panel.
- Click on the “Administrative Tools” icon.
- Click on the “Local Security Policy”.
- Expand the tree under “Local Policies” by clicking on the “+” next to “Local Policies”.
- Click on “Security Options”.
- Double click on “Shutdown: Clear Virtual Memory Pagefile”.
- Select the “Enabled” radio button on the console that comes up.
- Click on OK.
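To confirm that the policy took effect, or to set it on a system where the Local Security Policy console is not available, the script below reads the registry value behind “Shutdown: Clear Virtual Memory Pagefile” and also lists any volumes that are not formatted with NTFS, as discussed in the file system tip above. It is an added example, not part of the original post, and it assumes PowerShell 3.0 or later; the `-Enable` switch and the function name are hypothetical names chosen for this example.

```powershell
# Added example: audit (and optionally enable) pagefile clearing at shutdown,
# then flag volumes that are not NTFS. Run elevated when passing -Enable.
param([switch]$Enable)   # hypothetical switch name for this example

# Registry value that backs the "Shutdown: Clear virtual memory pagefile" policy.
$key  = 'HKLM:\SYSTEM\CurrentControlSet\Control\Session Manager\Memory Management'
$name = 'ClearPageFileAtShutdown'

function Get-PagefileClearState {
    # A missing value is treated the same as 0 (disabled).
    $item = Get-ItemProperty -Path $key -Name $name -ErrorAction SilentlyContinue
    return [bool]($item -and $item.$name -eq 1)
}

if ($Enable -and -not (Get-PagefileClearState)) {
    Set-ItemProperty -Path $key -Name $name -Value 1 -Type DWord
    Write-Output 'Value set to 1; the paging file is cleared from the next shutdown on.'
}

if (Get-PagefileClearState) {
    Write-Output 'Clear pagefile at shutdown: ENABLED'
} else {
    Write-Output 'Clear pagefile at shutdown: DISABLED (leftover memory contents stay on disk)'
}

# Show where the paging file(s) live and how large they are.
Get-CimInstance Win32_PageFileUsage | ForEach-Object {
    Write-Output ("Paging file: {0} ({1} MB allocated)" -f $_.Name, $_.AllocatedBaseSize)
}

# DriveType 2 = removable, 3 = local fixed disk. Volumes with no media
# report an empty FileSystem and are skipped.
$nonNtfs = Get-CimInstance Win32_LogicalDisk |
    Where-Object { $_.DriveType -in 2, 3 -and $_.FileSystem -and $_.FileSystem -ne 'NTFS' }

foreach ($disk in $nonNtfs) {
    Write-Output ("Volume {0} uses {1}: no per-user file permissions, consider encryption" -f `
        $disk.DeviceID, $disk.FileSystem)
}
if (-not $nonNtfs) { Write-Output 'All mounted fixed and removable volumes use NTFS.' }
```

Run it without arguments to audit only; the registry change is made only when `-Enable` is passed.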
Implement the above steps and you’ll reduce the exposure of any sensitive data residing on your system.
Coming next: 3 Easy Additions to Thwart Intruders