The use of computers across businesses of all types has created vulnerabilities for those businesses in the individual client computer. A client computer is a computing device that connects to a network in one of several ways, but the term typically describes a laptop or workstation computer. Because client computers are connected to networks of other computers, if an attacker or a virus gains control of an networked computer, it can be used as a launching pad to attack any or all of the devices on the network. While the user is the weakest link in any security scenario, there are several things that can be implemented to protect the workstation and the entire network.
Users should lock their workstations when they walk away, even for a minute. That is all it takes for a malicious co-worker to send out an email in the user's name, or surf a website that downloads a virus or some other software unknown to the perpetrator. At the end of the day, lock the room if possible, to protect the computer from intruders who gain access to the building. Physical security is the first line of defense for client computers. Users who work from home should log off while they are going to be away from home for an extended period of time. A laptop should never be left on a car seat or hotel room.
Video of the Day
Every client computer should require a user to log in before using it. Whether the credentials are local to the computer or stored on an authentication server, nobody should be able to use a computer without logging in first. This stops everyone who is not an authorized user on the computer or the network from using a client machine for mischievous purposes.
The abundance of malware in the form of viruses, worms, Trojan horses and more requires the use of anti-malware software on every client machine. If one machine becomes infected, all machines on the network will become infected. Viruses and worms spread extremely fast, and it only takes a few minutes to infect every machine on the network, even if there are thousands of them. Large companies should deploy enterprise versions of an anti-malware product on all its client computers. Samller companies of a hundred computers or less may decide to deploy one of the many free offerings available, but should use the same software on all client computers.
Where possible, users of client computers should only connect with other computers and servers using secure protocols. One of these is HTTPS, or Secure HTTP, which creates a secure connection to Web sites. Another is Secure FTP, or file transfer protocol, which encrypts user ID and password information, unlike native FTP. Rather than using Telnet to connect to a remote computer, users should use Secure Shell, which adds security to the remote connection.
The last line of defense for a client computer is a personal firewall installed on the machine. While an Internet firewall at the organization's Internet connection is the first line of defense, the personal firewall protects the client from attacks that get through, as well as attacks that originate from within the corporate network. Both Windows and most Linux distributions have a client firewall included, and Windows' firewall is preconfigured for default protection.