In Depth
Safe at Home: CISOs on Security for Home PCs and Networks
CISOs are always pushing computer security policies. We asked three of them to forget the policies and show us how they handle security on their own home computer systems.
By Derek Slater
Nontechnical employees with less complex home computing environments will find this example easy to emulate (and effective too) if they take their cue from his disciplined approach to antivirus, antispyware and procedural safeguards.
The Setup
What he has: One PC (Pentium 4) and one laptop (Dell Inspiron), both running Windows XP without Service Pack 2 (at least not yet). No local area network in place at home, although he is testing wireless.
How he connects: Broadband cable modem. Connects to work via a virtual private network (VPN).
About the family: Wife is a power user of Microsoft Office, Microsoft Print Shop and the Web, and the kids use the computer extensively when they are home from college. The family makes some online financial transactions using applications from their financial services supplier. They don't use instant messaging.
How he handles backups: Iomega products, a USB token and a CD writer on the laptop.
Tech Talk
Relies on the security protection provided by his ISP, Cablevision's Optimum Online. Tried Norton AntiSpam but could not install it effectively on Windows XP. It was affecting broadband performance, so he removed it and relies instead on the broadband service provider's implementation of Brightmail Anti-Spam. The broadband provider also blocks most pop-ups.
Uses Symantec's Norton AntiVirus and Norton Internet Security on the laptop, and ZoneAlarm Pro and the Norton AntiVirus on the desktop. LiveUpdate runs automatically every Friday night to update virus definitions.
Uses PestPatrol and Spybot Search & Destroy to combat spyware and adware. Both automatically run at least once per week.
Web browsers at their default privacy and security settings.
Does not use any Web monitoring or ISP-blocking programs, because only adults live at home.
Practicals
Encryption: The CISO encrypts only Quicken financial files.
Passwords: The family uses strong, frequently changed passwords for online financial accounts and "ease-of-use passwords" for online shopping and e-mail. "I don't really practice what I preach at work," he admits. "Users at home complain too much."
Policies: Has instituted a "just say no" policy toward any program requesting to act as a server or to access the Internet that is not explicitly authorized to do so. Family members do not store sensitive personal information such as passwords and account numbers on the hard drive, nor are they supposed to open any e-mail unless they know who sent it.
The Kid Factor
"The kids understood ['safe computing' concepts] fine, but they used old Napster and Kazaa anyway, until they got burned. Now they are more careful," says this CISO. And what about when other people's kids visit the CISO's home? "We physically lock up the machines."