Security for a newbie

What free security programs should I recommend for someone who doesn’t know how to create word docs (and Word is installed) or attach files to an email, and who has young kids who download and install everything they find?

I think CIS, as it is right now, will be too hard… 88)


I Agree with you.
Do you think GesWall and MSE would be okay?

It might. I wasn’t sure about whether GeSWall free would be good enough.
Edit: Because of the rules. But I could copy the rules from my pro edition to theirs…

For a newbie, no HIPS. or you should setup CIS with zero pop-ups rules.

I sujest a good AV, you know them, avira, MSE, CAV ;D
and a good firewall, can’t think of a good one at the moment, but i heard hte free pc tools one is fine ?

Geswall might be good, but it might be bad. You should explain how it works and it will be fine, but then again, a hips would be also…

So here, with this post, I’m only giving you more doubts ;D


“Good av, you know them…”
“Geswall might be good or but it might not…”
“For newbie, no HIPS…”
“Explain how it works, and HIPS will be fine…”

:smiley: so funny.

But it gives me something to think about lol.

1 thing for sure, Make backups.

Well, if you want to explain how Gewall works, you can also learn them how hips work. That’s what I meant, but then he wouldn’t qualify anymore as a newbie…

So actually, it’s a dilemma ;D


To what?

They don’t have an external hard drive, and I doubt the older laptop can burn DVDs…it is slow enough playing CDs.

Actually… If he gets GeSWall working correctly then it would require 0 user input by the noob.

Actually it’s a she. And it seems to be that females are even more uncomputerish (made a new word lol).


I thought I said she was a “newbie”. :stuck_out_tongue:

For people like that my opinion has always been
scissors cut the power cable. LoL

When I say that I’ve decided to best security for her is to cut the power cable…she might not like that. 88)

True But not only Are uneducated Nubies a threat to them selves but they spread Viruses.

In reality the best security for a Nubie, if they are willing is a some training in basic best security practices. and how to use the PC.

My wife for example she does not want to now anything about a PC except how to Use Outlook, Power Point, and Word. She is a perfect example of a dangerous nubie but she is getting better slowly and reluctantly. And part of her problem at work any is the computer guy in their office, and the senior & managing partners. The partners think they are saving money by not paying the PC guy to set up good security. I even offered CEM & CIS for free. The computer guy would rather make money fixing the problems than preventing them.

Yes but…

It takes a while to learn, even with a teacher. It took me 1-2 years to be able to start fixing common problems. All that time I was “exploring”.

You can’t just start as a expert. You start as a newbie. If the experts “snipped” the newbies from the internet/computer…soon all the computer users are old people and soon no one is on…

So I’m trying to at least fix up stuff so she won’t be as dangerous.

(Hmm…FDM is stuck by the big load…hehehe cough)

I agree, I was just poking fun. I wasn´t trying to start a serious dialog.

I think thats the best way to learn.

This is why one of biggest computer security risks and the hardest to control is the user.
Many/most do not have the time, realize the risks to their data and even more importantly they do not have the desire to learn to use a PC safely (meaning minimize the risk to their PC and their Network and other users, and therefore their Data)

See: 10 Immutable Laws of Security Administration
Law #1: Nobody believes anything bad can happen to them, until it does
Many people are unwilling partners in computer security. This isn’t because they’re deliberately trying to endanger the network—they simply have a different agenda than you do. The reason your company has a network is because it lets your company conduct business, and your users are focused on your company’s business rather than on the vagaries of computer security. Many users can’t conceive why someone might ever go to the trouble of sending them a malicious email or trying to crack their password, but an attacker only needs to find one weak link in order to penetrate your network.
Law #2: Security only works if the secure way also happens to be the easy way
As we discussed in Law #1, you need the authority to mandate security on the network. However, the flip side is that if you turn the network into a police state, you’re likely to face an uprising. If your security measures obstruct the business processes of your company, your users may flout them. Again, this isn’t because they’re malicious—it’s because they have jobs to do. The result could be that the overall security of your network would actually be lower after you implemented more stringent policies.
There are three key things you can do to prevent your users from becoming hackers’ unwitting accomplices.
Make sure your company’s security policy is reasonable, and strikes a balance between security and productivity. Security is important, but if your network is so secure that nobody can get any work done, you haven’t really performed a service for your company.
Look for ways to make your security processes have value to your users. For instance, if you have a security policy that calls for virus signatures to be updated once a week, don’t expect your users to do the updates manually. Instead, consider using a “push” mechanism to do it automatically. Your users will like the idea of having up to date virus scanners, and the fact that they didn’t have to do anything makes it doubly popular.
In cases where you must impose a restrictive security measure, explain to your users why it’s necessary. It’s amazing what people will put up with when they know it’s for a good cause.

As a result, relying on voluntary measures to keep your network secure is likely to be a non-starter. You need the authority to mandate security on the network. Work with your company’s management team to develop a security policy that spells out specifically what the value of the information on your network is, and what steps the company is willing to take to protect it. Then develop and implement security measures on the network that reflect this policy.

but that´s why some of us have/had a job


References See:

  1. IT Security Risks in the Office
    Lack of Employee Education Causes Increased Security Threats
  2. Human error is by far the biggest risk for computer network security, with carelessness with passwords costing businesses a fortune in theft and fraud, a survey by the Department of Trade and Industry (DTI) has revealed.
  3. 10 Immutable Laws of Security Administration
  4. My own Personal Opinion