System Maintenance Software.
While this doesn’t usually fall under the heading of ‘security’ per se, I consider the use of a good system maintenance tool to be directly tied to good security practices. Again, there are several good options on the market, and some vendors even offer this kind of functionality as a part of their overall security suite. As for me, I use System Mechanic. I prefer to have a tool that is separate from my security suite, as it can perform some useful added functions and provide some redundancy. For instance, you can run a security check that will test if you are open to null session attacks if you have the right patches installed, etc. There’s also a file shredding tool that you can use to permanently wipe sensitive files when deleting them. You can explore your startup processes and running processes in great detail, etc. Lastly, there’s something to be said for having a fully optimized laptop system.
Protecting the Browser
I won’t get into too much detail here, since the features and functions vary from browser to browser. Just be sure to fully explore the security options available to you and turn on the ones that make the most sense. Most browsers will also offer add-ons or plugins that can provide additional security layers. For instance, I tend to use Firefox quite a bit – and I always have the NoScript security tool installed. I also have a protected proxy server running, but that’s a little more of an advanced function. I’ll also call attention to another very interesting option (and one I use when I’m doing investigations or find myself ‘surfing’ in the danger zone). You can use a free virtualization suite (like VMPlayer or VirtualBox) and install an OS inside it that is JUST used for Internet access (Chrome OS, Splashtop, Browser Linux, the options are endless).
Whole Disk Encryption for the Hard Drive
Now we start to get into the fun stuff. Encryption is a powerful tool when it comes to protecting your sensitive data on a mobile device (including laptops). There are many different options for encrypting data, but if you really start to dig into the Windows operating system, you’ll find that there are many caches and other little hidey-hole that your data can sneak into. It’s just easier, and safer, to encrypt the entire drive. One option here is the free (and awesome) TrueCrypt. Another (and the one I prefer) is PGP full disk encryption. You could also just use BitLocker (if you have the right version of Windows), but I prefer using a third-party tool for encryption purposes. If your encrypted drive is removed, it can’t really be accessed.
Internet Security Suite
Assuming we’re now in a booted state with Windows up and running, the next thing you want to make sure you have in place is a strong security suite. This is where your anti-virus, anti-spyware, anti-spam, and general anti-bad stuff tools come into play. There are a number of good packages on the market – and you can choose from any one of them. Whatever you choose, make sure you do some reading, fully explore the features, and enable the functions that matter to you. I use BitDefender (and the second suite of tools I will not disclose here), which is a particularly strong security suite, but it’s a little less user friendly than some of the others. And, yes, there can be value in running two different security suites at the same time, but you need to fully understand what you are doing – otherwise, you’ll run into a lot of issues.
That way nothing is persisted from your surfing experience – and everything disappears when you terminate the virtual session (without saving it of course).