My rule number four: Keep your operating system updated.

When connected to the outside world, your most important device should be a
personal firewall. "Don't go out without one." A firewall protects enterprise
assets and business transactions by ensuring fast and secure connections with
the Internet and between networks. Firewalls come in many flavours: software or
appliance, with single or multiple functions attached such as VPN, antivirus,
IDS, IDP, content filtering, etc.; some manufacturers even offer an all-in-one
solution (Proventia-G from ISS). If you are an individual, my first suggestion
is: use the firewall included in Windows XP Service Pack 2 (for basic use) or
install a freeware/shareware product such as ZoneAlarm, Kerio Personal
Firewall, Sygate Personal Firewall, etc. An enterprise should select a firewall
adapted to its needs (bandwidth, NAT, authentication, VPN, protection against
SYN floods, H.323 based services, malicious code, etc.). However, choosing a
firewall for an organisation is not an easy task, for the simple reason that
very few benchmarks are available and models keep on changing.

My rule number five: Install a firewall and configure it correctly.

Assuming you have a local network with a certain number of PCs, anyone with
access to any of these PCs can easily steal valuable data with a simple USB
flash drive. In addition, network administrators should control access to PCs
to avoid viruses, Trojans and other malicious programs often injected from
removable media (pirated games, hacking tools, etc.). To avoid such a loss from
the introduction of foreign media, you need to protect your PC's ports such as
USB, serial, infrared, Bluetooth, CD player or floppy disk drives, etc. Only
the administrator should be able to grant access to a PC's ports. Software is
available on the market such as DeviceLock from Smartline.

My rule number six: Block all access ports.

Another risk is access to the motherboard BIOS. The first step should be to set
a password to lock it. The first bootable device should always be the hard
disk. With access to the BIOS, someone can effortlessly crack your PC's
administrator password with a bootable CD filled with some "utilities".
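
For rule number six, a read-only audit of the USB storage settings on a Windows PC, added here as an example (it is not from this article and is not part of DeviceLock). The two registry settings it reads are standard Windows ones chosen for this example, and the function name Test-PortLockdown is hypothetical.

```powershell
# Added example: audit the local removable-storage settings (reads only, changes nothing).
# The registry locations are standard Windows ones, assumed here; the article names none.
$checks = @(
    @{ Name  = 'USB mass-storage driver (USBSTOR)'
       Path  = 'HKLM:\SYSTEM\CurrentControlSet\Services\USBSTOR'
       Value = 'Start'
       Want  = 4     # 4 = driver disabled, 3 = loaded on demand (default)
       Note  = 'USB flash drives will mount when plugged in' },
    @{ Name  = 'Removable storage write protection'
       Path  = 'HKLM:\SYSTEM\CurrentControlSet\Control\StorageDevicePolicies'
       Value = 'WriteProtect'
       Want  = 1     # 1 = USB storage is read-only (XP SP2 and later)
       Note  = 'data can be copied out to USB storage' }
)

# Hypothetical helper: returns one result object per check.
function Test-PortLockdown {
    param([object[]]$Checks)
    foreach ($c in $Checks) {
        # A missing key or value means the setting was never configured.
        $item   = Get-ItemProperty -Path $c.Path -Name $c.Value -ErrorAction SilentlyContinue
        $actual = if ($item) { $item.($c.Value) } else { $null }
        [pscustomobject]@{
            Check    = $c.Name
            Expected = $c.Want
            Actual   = if ($null -eq $actual) { 'not set' } else { $actual }
            Locked   = ($actual -eq $c.Want)
            Risk     = if ($actual -eq $c.Want) { '' } else { $c.Note }
        }
    }
}

$report = Test-PortLockdown -Checks $checks
$report | Format-Table -AutoSize
# A non-zero exit code lets a logon script or scheduler flag the machine.
if ($report.Locked -contains $false) { exit 1 }
```

These two settings cover USB mass storage only; the serial, infrared, Bluetooth, CD and floppy interfaces listed above need their own controls.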