Personal PCs and policies:
- Wireless is WPA2-PSK
- Complex password requirements: 8 character minimum with a symbol, a capital letter and a number
- Password rotation every 90 days for email and every 180 for online services
- PGP Whole Disk Encryption for my netbook (evil maid attack). Universal Shield for the desktop; I have a second 500GB drive, encrypted, that holds sensitive docs, etc.
- Always lock your PC while not in use.
- WOT (Web of Trust) browser add-on, AdBlock, HTTPS Everywhere, private/incognito browsing for sensitive things and Tor + GhostSurf (double-proxy ?!) for ultra-sensitive (pages load like 56k but you're invisible).
- CCleaner to clean cookies/temporary files
- I have PGP keys for email, but I don't really use them anymore.
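As an added illustration (not the original poster's tooling), here is a small audit that encodes the password rules listed above: 8 characters minimum with a symbol, a capital letter and a number, plus the 90-day (email) and 180-day (online services) rotation windows. The function names, the account record layout and the sample accounts are assumptions made for the example.

```python
"""Password policy audit modelled on the rules in the post above.
Added example; the thresholds come from the post, everything else is assumed."""
import re
from datetime import date, timedelta

# Rotation windows as stated in the post, keyed by account kind (assumed labels).
ROTATION_DAYS = {"email": 90, "online_service": 180}


def password_violations(pw):
    """Return the list of policy rules a password fails (empty list = compliant)."""
    failures = []
    if len(pw) < 8:
        failures.append("shorter than 8 characters")
    if not re.search(r"[A-Z]", pw):
        failures.append("no capital letter")
    if not re.search(r"[0-9]", pw):
        failures.append("no number")
    if not re.search(r"[^A-Za-z0-9]", pw):
        failures.append("no symbol")
    return failures


def rotation_overdue(last_changed, kind, today):
    """True when the password for an account of `kind` is past its rotation window."""
    return today - last_changed > timedelta(days=ROTATION_DAYS[kind])


def audit(accounts, today):
    """accounts: iterable of (name, kind, password, last_changed) tuples (assumed layout).
    Returns {account name: [issues]} for every account with at least one finding."""
    findings = {}
    for name, kind, pw, changed in accounts:
        issues = password_violations(pw)
        if rotation_overdue(changed, kind, today):
            issues.append("not rotated in %d days" % ROTATION_DAYS[kind])
        if issues:
            findings[name] = issues
    return findings


# Constructed sample data for a stand-alone run.
SAMPLE_ACCOUNTS = [
    ("mail", "email", "Tr0ub4dor&3", date(2024, 1, 1)),        # strong, but 91 days old
    ("shop", "online_service", "password", date(2024, 3, 15)),  # weak, recently set
]

if __name__ == "__main__":
    for acct, issues in audit(SAMPLE_ACCOUNTS, date(2024, 4, 1)).items():
        print(acct, "->", "; ".join(issues))
```

Run it as-is and the email account is reported only for being past the 90-day window, while the shop account is reported for every complexity rule it misses.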
On my linux server and home network:
- No DMZ, only router-set forwarded ports
- Squid proxy, Snort IDS/IPS for network intrusion
- Web and DNS servers (never fall victim to DNS poisoning), caching.
- Nessus vulnerability scans every other week.
Tips:
- Disable remote login on your router, especially if you have FIOS or Comcast.
- Change the password to your router as well. Your wireless password is meaningless if you don't secure the login to the router.
- Configure updates to download automatically, but do not install. Install as soon as you can.
- If you want to significantly decrease your risk of infection or compromise, stay away from P2P.
- Check Recent Activity on your Gmail accounts; make sure the sessions appear to be your own.
- NEVER click links that you are suspicious of. If you think the link is fishy, take it to the URLVoid link scanner (http://urlvoid.com/) to scan the site (did you just click on the link? BAD! Google it first, verify WOT and make sure it's safe first!) or the Anubis simulator (http://anubis.iseclab.org/) to detect malicious scripts/ActiveX plugins etc., or PhishTank (http://www.phishtank.com/).
- Make sure your programs are all up to date. Download a program that detects your applications and finds updates for them (I won't spoil the cool thread that's being cooked up for this).
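Two of the tips above lend themselves to a worked check, so here is one added example (not from the original post) covering both: the "Recent Activity" review, done over a constructed activity table in the shape the Gmail page shows (access type, location, IP, time), and the "look before you click" habit, done as a set of defensive heuristics on a URL before it is submitted to a scanner like URLVoid or PhishTank. The trusted networks, trusted country, watched brand names, local blocklist and all sample sessions and URLs are assumptions constructed for the example; the IPs are from the documentation ranges.

```python
"""Session review and pre-click URL triage. Added example; all data below is constructed."""
import ipaddress
import re
from urllib.parse import urlsplit

# --- Part 1: review a "recent activity" table -------------------------------------
# Constructed sample rows: access type | location | IP | time.
SAMPLE_ACTIVITY = """\
Browser (Chrome)  | United States (NY) | 198.51.100.23 | 2024-03-02 14:05 UTC
Mobile (Android)  | United States (NY) | 198.51.100.77 | 2024-03-02 09:12 UTC
IMAP              | Romania            | 203.0.113.9   | 2024-03-02 03:41 UTC
Browser (Firefox) | United States (NY) | 192.0.2.15    | 2024-03-01 22:30 UTC
"""
# What "my own" sessions look like (assumptions for the example).
TRUSTED_NETWORKS = [ipaddress.ip_network("198.51.100.0/24"), ipaddress.ip_network("192.0.2.0/24")]
TRUSTED_COUNTRIES = {"United States"}
EXPECTED_ACCESS = {"Browser", "Mobile"}   # no IMAP clients configured on this account

ROW_RE = re.compile(r"^\s*(?P<access>[^|]+?)\s*\|\s*(?P<loc>[^|]+?)\s*\|\s*(?P<ip>[^|]+?)\s*\|\s*(?P<time>.+?)\s*$")


def parse_activity(text):
    """Parse rows into dicts; the country is the location text before any parenthesis."""
    sessions = []
    for line in text.splitlines():
        m = ROW_RE.match(line)
        if not m:
            continue
        row = m.groupdict()
        row["ip"] = ipaddress.ip_address(row["ip"])
        row["country"] = row["loc"].split("(")[0].strip()
        sessions.append(row)
    return sessions


def flag_sessions(sessions):
    """Return (time, ip, reasons) for every session that does not look like one of mine."""
    flagged = []
    for s in sessions:
        reasons = []
        if not any(s["ip"] in net for net in TRUSTED_NETWORKS):
            reasons.append("ip outside trusted networks")
        if s["country"] not in TRUSTED_COUNTRIES:
            reasons.append("unexpected country")
        if s["access"].split(" ")[0] not in EXPECTED_ACCESS:
            reasons.append("unexpected access type " + s["access"])
        if reasons:
            flagged.append((s["time"], s["ip"], reasons))
    return flagged


# --- Part 2: triage a link before clicking it -------------------------------------
LOCAL_BLOCKLIST = {"login-verify.example.net"}            # stand-in for a feed such as PhishTank
WATCHED_BRANDS = {"paypal", "gmail", "bankofamerica"}      # names that show up in lookalike hosts
LEGIT_DOMAINS = {"paypal.com", "gmail.com", "bankofamerica.com"}


def registrable_domain(host):
    # Naive "last two labels"; production code would consult the public suffix list.
    parts = host.split(".")
    return ".".join(parts[-2:]) if len(parts) >= 2 else host


def url_warnings(url):
    """Return human-readable reasons a URL deserves a scanner visit before a click."""
    parts = urlsplit(url)
    host = (parts.hostname or "").lower()
    warnings = []
    if parts.scheme not in ("http", "https"):
        warnings.append("non-web scheme")
    if host in LOCAL_BLOCKLIST:
        warnings.append("on local blocklist")
    try:
        ipaddress.ip_address(host)
        warnings.append("raw IP address instead of hostname")
    except ValueError:
        pass
    if parts.username is not None:
        warnings.append("credentials/'@' in URL (the real host is after the @)")
    if host.startswith("xn--") or ".xn--" in host:
        warnings.append("punycode label (possible homoglyph)")
    if host.count(".") >= 4:
        warnings.append("unusually deep subdomain chain")
    reg = registrable_domain(host)
    for brand in sorted(WATCHED_BRANDS):
        if brand in host and reg not in LEGIT_DOMAINS:
            warnings.append("contains '%s' but is not a %s domain" % (brand, brand))
    return warnings


if __name__ == "__main__":
    for when, ip, why in flag_sessions(parse_activity(SAMPLE_ACTIVITY)):
        print(when, ip, "->", "; ".join(why))
    for u in ("https://www.paypal.com/signin", "http://paypal.com.secure-login.example.net/"):
        print(u, "->", url_warnings(u) or "no warnings")
```

The session part flags only the IMAP login from Romania; the URL part is deliberately conservative (it raises a flag, it does not declare anything safe), which matches the post's advice to hand anything doubtful to a scanner rather than clicking it.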
Notes:
- Do not fall victim to social engineering, shoulder surfing, phishing, etc. Be smart about what you do on the web and you'll be fine.
- Did you know that over 800,000 people have Top Secret government clearances? That's more people than the population of D.C. How is this relevant? Well, I'm just saying... I do this stuff for a living.